Page tree

Upgrading to Jira 8? - Important notice: https://docs.kantega.no/pages/viewpage.action?pageId=57278555





Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

These settings applies to both SAML and Windows Integrated Authentication (Kerberos), and are found under the Common menu.

Disable traditional username / password login

Kantega Single Sign-on will by default keep traditional username / password login available. However, when stronger authentication mechanisms (like 2FA) is applied, it is useful to disable this alternative. By disabling the username and password fields from login pages, users will be forced to authenticate via the single sign-on mechanisms.

Enabling this will not let you log in to an administrator account with username and password. If necessary, you may disable this feature by deleting the following file on your Atlassian product server:

<atlassian_home_folder>/kerberos/disable_username_password_login.txt

It takes up to one minute for change to have effect if you disable by removing the file.


Please notice that this is not to be considered a bulletproof security feature.

Users with the knowledge of modifying HTML or sending REST request directly, will still in

theory be able to log in using username and password.


Forced SSO URLs

Kantega Single Sign-on will by default only authenticate users where your Atlassian product would otherwise require them to log in with a username and password.

By activating Forced SSO URLs, users may be logged in also on pages that normally do not require this.


  • No labels