Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Auto-add users to Crowd?

Michael Garvin
Michael Garvin January 26, 2012

Hi, we would like to allow new users to our Atlassian eco system to automatically be added to Crowd (we use a delegated LDAP connector to actually authenticate). I've been looking at the Crowd source code, and there appears to be a way to add a completely independant directory (sub-class RemoteDirectory), but we want to have something like this instead:

1 - intercept attempt to autehtnicate (i.e. be the top directory in the directory stack)

2 - look in the othe directories to see if the user already exists in say "jira-users". We don't want to go to LDAP, because we don't care about the authenticaiton, we wan to let the normal delegate direcotry do that...but before that happens we want to always pre-add the user to the delegated LDAP directory.

3 - if the user isn't in jira-users (of the delegated directory) yet, then add them.

4- always fail authentication (always fall through to the next directory). I guess if know what the actual delegate directory is we could just call its authenticate method and return that result to be a little more efficient.

It seems reasonable, but to do that, I think we need to instantiate things like the SystemInfoHelper to be be able to fetch a DirectoryManager and list/query the other directories...but in all the various classes I've looked at, you have to provide cache instances or loader instances, and I don't know ehre to get or how to generate them.

I guess I could go through ALL of the crowd source code and figure the whole thing out, but that seems like a lot of overkill to do whwt other people must have already done several times. This is a standard enterprise kind of feature; incrementally add users from the big corporate LDAP. Surely others have done this arleady? Is this the best approach? Does anyone know of an example implementation they can share?

I did look at:

http://forums.atlassian.com/thread.jspa?messageID=257282866

But I don't think its checking the existing directories, just going straight to custom data like a database. This plugin looked primising:

But the source code doesn't exist anymore. Does anyone happen to have a copy of it? I was thinking maybe I could look at it to see how it uses the existing Crowd classes (even though its for a much older version of Crowd).

I also looked in the crowd admin panel hoping that I had just overlooked a simple "auto-add" users option, but I couldn't find one anywhere. There is a feature for adding users to a group the first time they authenticate, but means adding the user to the LDAP directory already...in our case that would mean importing 30-40,000 users...we don't want to do that, we want incremental addition and incremental addition to groups at the same time.

I guess maybe I shoudl try to dig up the actual LDAP implementtion inside Crowd and see what it does on the first time lookup of a user.

If you have any tips/pointers on doing "auto-add" of users incrementally, please let me know...

Thanks!

(^_^)/

mike.

Michael Garvin

mgarvin@avaya.com

Answer
Watch
Like Be the first to like this
839 views

1 answer

0 votes
Michael Garvin
Michael Garvin January 26, 2012

Sorry I fogot to paste in the proper link for the plugin I did find that does this (for older Crowd versions):

https://plugins.atlassian.com/plugin/details/5613

I did also comment on the Wiki there asking Jonathan for a pointer to the source code.

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events