Problem
Atlassian Crowd is a great login and user identity system, with a (relatively) easy SSO setup (especially for other Atlassian apps).
Crowd can also be used to reset user passwords and send the user an email with a password reset link. However, confusingly after a successful password reset/update the user gets dumped to the Crowd login page. Now, Crowd is a user/identify management system so normal users (i.e. non-crowd admins) can't actually login. What it should do is redirect the user to another login page (e.g. confluence, or another app) on a successful password reset.
Solution
An easy solution here is to use your web-server of choice (Apache, nginx, ...) to redirect to another site/login-page on the URL query string ?passwordUpdateSuccessful=true
.
I use Apache2 and outline it's use specifically for Atlassian web apps here. Below is part of my VirtualHost config for Crowd, with a RewriteRule to redirect to my confluence instance's login page (see lines 10-12):
<VirtualHost *:443> ServerName crowd.jaytaala.com ProxyRequests Off ProxyVia Off ProxyPreserveHost On RewriteEngine On # redirect to confluence when passwordUpdateSuccessful=true RewriteCond %{QUERY_STRING} passwordUpdateSuccessful=true RewriteRule ^(.*)$ https://confluence.jaytaala.com/login.action? [R,L] RewriteCond %{REQUEST_URI} !^/crowd/ [OR] RewriteCond %{REQUEST_URI} about.jsp$ RewriteRule ^(.*)$ http://127.0.0.1:8095/crowd/ [P,L] ProxyPass / http://127.0.0.1:8095/ ProxyPassReverse / http://127.0.0.1:8095/ ... </VirtualHost>
Lines 10-12 show the redirect when the URL looks like ...?passwordUpdateSuccessful=true
. So as soon as the password update/reset is completed successfully, Apache will redirect to my confluence login page (the final ?
removes the query string "passwordUpdateSuccessful=true"
on the redirect.
Lines 14-16 are optional and used to redirect all root requests to the /crowd/
context (see Redirecting Crowd root requests to crowd context - skip landing page).
References
Related articles