Integrating Crowd with Atlassian CrowdID

Atlassian CrowdID is a free add-on to Crowd. It gives administrators a secure way to provide OpenID accounts for their users.

When installing Crowd 1.1+ the Crowd Setup Wizard allows you to install CrowdID with Crowd. If you chose to install CrowdID as part of the Setup Wizard, there is no need for further configuration. The CrowdID server will be up and running at http://localhost:8095/openidserver

If you have not already installed CrowdID, follow the instructions below to install it now.

Prerequisites

  1. Download and install Crowd. Refer to the Crowd installation guide for detailed information on how to do this. We will refer to the Crowd root folder as CROWD.
  2. This guide assumes that CrowdID was NOT installed with the installation of Crowd. If CrowdID was installed using the Crowd Setup Wizard, there is no need for further configuration.

Step 1. Configuring Crowd to Talk to CrowdID

1.1 Prepare Crowd's Directories/Groups/Users for CrowdID

The CrowdID application will need to locate users from a directory configured in Crowd. You will need to set up a directory in Crowd for CrowdID. For information on how to do this, see Adding a Directory. We will assume that the directory is called CrowdID Directory for the rest of this document. It is possible to assign more than one directory for an application, but for the purposes of this example, we will use CrowdID Directory to house CrowdID users.

CrowdID also requires an administrator group to exist in the directory. You need to ensure that a crowd-administrators groups exist in the CrowdID Directory. Any user in this group will have CrowdID administrator access.

The Crowd documentation has more information on creating groups, creating users and assigning users to groups.

1.2 Define the CrowdID Application in Crowd

Crowd needs to be aware that the CrowdID application will be making authentication requests to Crowd. We need to add the CrowdID application to Crowd and map it to the CrowdID Directory.

  1. Crowd Administration Console にログインし、[Applications] > [Add Application] に移動します。
  2. Complete the 'Add Application' wizard for the CrowdID application. 
    • For the Application type select 'Generic Application'
    • For Name and Password, the values you specify must match the application.name and application.password that you will set in the CROWD/crowd-openidserver-webapp/WEB-INF/classes/crowd.properties file. (See Step 2 below.)

Need more help? See the full instructions for the Add application wizard. 

1.3 Specify which Users can Log In to CrowdID

Once Crowd is aware of the CrowdID application, Crowd needs to know which users can authenticate (log in) to CrowdID via Crowd. As part of the 'Add Application' wizard, you will set up your directories and group authorizations for the application. If necessary, you can adjust these settings after completing the wizard. Below are some examples.

You can either allow entire directories to authenticate, or just particular groups within the directories. In our example, we will allow the entire CrowdID Directory to authenticate:

詳細については「アプリケーションにアクセスできるグループを指定する」をご参照ください。

1.4 Specify the Address from which CrowdID can Log In to Crowd

As part of the 'Add Application' wizard, you will set up CrowdID's IP address. This is the address which CrowdID will use to authenticate to Crowd. If necessary you can add a hostname, in addition to the IP address, after completing the wizard. See Specifying an Application's Address or Hostname.

Step 2. Configuring CrowdID to Talk to Crowd

CROWD/crowd-openidserver-webapp/WEB-INF/classes/crowd.properties を編集します。次のプロパティを変更します。

キー

application.name

crowd-openid-server
The application.name and application.password must match the Name and Password that you specified when you defined the application in Crowd (see Step 1 above).

application.password

The application.name and application.password must match the Name and Password that you specified when you defined the application in Crowd (see Step 1 above).

application.login.url

http://localhost:8095/openidserver
The application.login.url should point to the correct host and port of the CrowdID application.

crowd.server.url

http://localhost:8095/crowd/services/
If your Crowd server's port is configured differently from the default (i.e. 8095), set it accordingly.

session.validationinterval

This is the number of minutes between validation requests, when Crowd validates whether the user is logged in to or out of the Crowd SSO server. Set this value to 0 if you want authentication checks to occur on each request. Otherwise set to the required number of minutes between validation requests. Setting this value to 1 or higher will increase the performance of Crowd's integration.

オプション設定の詳細については「crowd.properties ファイルについて」をご参照ください。

After editing these properties, you must restart your CrowdID container before the changes will take effect.

See CrowdID in Action

  • Go to http://localhost:8095/openidserver and log in with any user in the CrowdID Directory.
関連トピック

Crowd ドキュメント

最終更新日: 2021 年 10 月 15 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.