Confluence support for DIGEST MD5
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
The <securityAuthentication> element in the atlassian-user.xml configuration file for Confluence does not support the "DIGEST-MD5" authentication method. Instead, Confluence is designed to work with the "simple" authentication method.
Solution
Confluence does not support the DIGEST-MD5 in our atlassian-user.xml file. If you set as DIGEST-MD5, then the following properties will also need to be set.
java.naming.security.sasl.authorizationId
java.naming.security.sasl.realm
javax.security.sasl.qop
javax.security.sasl.strength
javax.security.sasl.server.authentication
javax.security.sasl.maxbuffer
javax.security.sasl.policy.noplaintext
javax.security.sasl.policy.noactive
javax.security.sasl.policy.nodictionary
javax.security.sasl.policy.noanonymous
javax.security.sasl.policy.forward
javax.security.sasl.policy.credentials
These parameters could potentially be passed as properties to the JVM startup (setenv.sh/bat): -
Confluence code does NOT read these properties in the xml file, so this workaround should work theoretically, though Atlassian has not officially tested this configuration.
Was this helpful?