Well, I’ve previously developed an SSO (Single Sign-On) system built on top of CAS and Spring. It integrates famous products from Atlassian called Confluence and Jira.
It was a bit hard to do LDAP user and group management in older versions of Confluence and Jira.
I was just asked by a client to set up Confluence+LDAP integration for user authentication only (note that this does not include LDAP user & group management) using Active Directory.
I am surprised that doing this now (in Confluence 2.7.x) is simpler than what I did before.
Here is what I did to make it work:
First, go to the Confluence installation directory (%CONFLUENCE_HOME%).
Edit %CONFLUENCE_HOME%/confluence/WEB-INF/classes/atlassian-user.xml and add the lines below:
<ldap key="exampleLdapRepository" name="Example LDAP Repository" cache="true">
  <!-- server config -->
  <host>ad.example.com</host>
  <port>389</port>
  <securityPrincipal>cn=user,ou=admins,dc=example,dc=com</securityPrincipal>
  <securityCredential>password</securityCredential>
  <securityProtocol>plain</securityProtocol>
  <securityAuthentication>simple</securityAuthentication>
  <baseContext>ou=users,dc=example,dc=com</baseContext>
  <!-- tree config -->
  <baseUserNamespace>ou=users,dc=example,dc=com</baseUserNamespace>
  <baseGroupNamespace>ou=groups,dc=example,dc=com</baseGroupNamespace> <!-- ignored -->
  <usernameAttribute>cn</usernameAttribute>
  <userSearchFilter>(objectClass=user)</userSearchFilter>
  <firstnameAttribute>displayName</firstnameAttribute>
  <surnameAttribute>sn</surnameAttribute>
  <emailAttribute>mail</emailAttribute>
  <groupnameAttribute>cn</groupnameAttribute>
  <groupSearchFilter>(objectClass=ignoredSinceWeUseUserAuthOnly)</groupSearchFilter>
  <membershipAttribute>member</membershipAttribute>
  <userSearchAllDepths>true</userSearchAllDepths>
  <groupSearchAllDepths>false</groupSearchAllDepths>
</ldap>
The above enables authentication against LDAP. Since we’re not managing groups in LDAP, the problem now is that authenticated users do not belong to any group, so they can’t use Confluence (the minimum group is confluence-users). Therefore we need to use the Dynamic-Group plugin so that authenticated users are automatically joined to the groups the admin has already specified in the configuration files.
It seems like the page is never updated :p. Someone has reported that the plugin didn’t work for Confluence 2.7 or later.
But I finally found that the plugin is actually shipped with Confluence 2.7 :D. What you need to do is edit %CONFLUENCE_HOME%/confluence/WEB-INF/classes/seraph-config.xml and:
Replace:
<authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>
With:
<authenticator class="com.atlassian.confluence.user.ConfluenceGroupJoiningAuthenticator"/>
Save, and restart Tomcat. All LDAP users under ou=users,dc=example,dc=com should now be able to use Confluence.
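The repository definition above uses `simple` authentication over `plain` LDAP on port 389, so bind passwords are not protected in transit. The Python check below is an added example, not part of the original post or Atlassian's code; it audits the `<ldap>` block of atlassian-user.xml for that setting and for the stored bind password. It assumes `ssl` is the LDAPS value for `securityProtocol`, 636 is the LDAPS port, and the `<atlassian-user><repositories>` wrapper; the function name and sample strings are constructed here.

```python
import xml.etree.ElementTree as ET

# Constructed input: the page's <ldap> block, trimmed to the elements the check
# reads, inside an assumed <atlassian-user><repositories> wrapper.
PAGE_CONFIG = """<atlassian-user><repositories>
<ldap key="exampleLdapRepository" name="Example LDAP Repository" cache="true">
  <host>ad.example.com</host>
  <port>389</port>
  <securityPrincipal>cn=user,ou=admins,dc=example,dc=com</securityPrincipal>
  <securityCredential>password</securityCredential>
  <securityProtocol>plain</securityProtocol>
  <securityAuthentication>simple</securityAuthentication>
</ldap>
</repositories></atlassian-user>"""

# Constructed variant: same repository over LDAPS (assumed value "ssl", port 636).
LDAPS_CONFIG = PAGE_CONFIG.replace("<port>389<", "<port>636<").replace(">plain<", ">ssl<")


def audit_ldap_repositories(xml_text):
    """Return (repository key, element, finding) for each weak setting found."""
    findings = []
    for repo in ET.fromstring(xml_text).iter("ldap"):
        key = repo.get("key", "?")
        value = lambda tag: (repo.findtext(tag) or "").strip().lower()
        proto, auth, port = value("securityProtocol"), value("securityAuthentication"), value("port")
        if proto != "ssl" and auth == "simple":
            findings.append((key, "securityProtocol",
                             "simple bind without TLS: bind DN and password are sent in cleartext"))
        if (proto == "ssl") != (port == "636"):
            findings.append((key, "port",
                             "protocol and port disagree (LDAPS normally listens on 636)"))
        if repo.findtext("securityCredential"):
            findings.append((key, "securityCredential",
                             "bind password stored in the file: restrict read access to it "
                             "and use a read-only bind account"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("page config", PAGE_CONFIG), ("LDAPS variant", LDAPS_CONFIG)):
        print(label)
        for key, element, finding in audit_ldap_repositories(cfg):
            print(f"  [{key}] <{element}>: {finding}")
```

Moving to LDAPS also requires the Confluence JVM to trust the directory server's certificate.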
References:
- Add LDAP Integration
- Customising atlassian-user.xml
- Automatically Adding LDAP users to confluence users Group