Very few changes it looks like, just bugfixes. It is horribly documented versus other Atlassian products and it isn't mentioned in some places like the Atlassian blogs. Can anyone give any insight? Is this something we should keep on continue to pay? Lack of SAML and OAuth Support leave a pretty expensive product with very little features IMO.
Speaking as a Crowd developer, we are still working on Crowd. Much of our recent work has been focussed on improvements for On Demand (some of which carries over) and other not-immediately-visible things like performance and consistency improvements, but we do still intend to release 2.8.0 with new features soon.
Is there a particular part of the documentation that you'd like to see improved?
Woohoo. We are using Download version so that may be why.
I'm interested in your opinion why Crowd doesn't have OAuth or SAML Support? We currently have a seperate database that has clones of each application just to hold a 'redirect url' field and implemented our own OAuth that uses pycrowd behind the scenes for authentication. This is okay, but frustrating to maintain 2 lists.
I also find it frustrating that even when we only sync specific groups with other Atlassian products, it shares all users. I.E. Group A only has 50 people, but after syncing, Stash shows all 500 users, not the just the 50 that have access to the app.
Another frustration is probably confluence-specific where licenses are counted even though users are inactive in Crowd if they are in an active group that has permission to Crowd. I had to write a script that removes inactive employees from all groups to resolve that issue.
My opinion (as in personal opinion, not Atlassian-sanctioned, etc) as to why we don't have full SAML support is that traditionally Atlassian has sold to smaller companies first (or small groups within larger companies), for whom SAML hasn't been a priority. Now that Atlassian is targetting enterprises directly, I wouldn't be surprised if we eventually reverse the "no full SAML" decision of years ago (before I was working on Crowd). However, I would expect that would rank *after* other enterprise-focussed features like clustering/high availability.
As for OAuth, my opinion (again, personal opinion, not speaking on behalf of Atlassian, etc), it's more likely we'd add support for app authentication via OpenID first (with the separate openid server becoming part of Crowd), before possibly adding support for OpenID Connect.
Again, this is not our official roadmap - just some personal thoughts on what I think we might end up doing.
Sorta guessing here but if the user cannot be found then when indexing/displaying history of the object exceptions are thrown in the log - I know this is true for JIRA and believe it's true for Confluence.
So if your inactive Crowd users didn't sync over to Confluence they wouldn't be 'seen' by the indexer - and so they would generate a bunch'a NPE's, caught in exception blocks, and throw stack traces.
The best approach is to 'deprecate' the user as part of the company's 'goodbye' process - moving their Atlassian account into one that isn't counted against any of the related application licenses. As far as users not in groups setup via crowd for access to the apps 'appearing' in the user lists IDK. Taking a look at our local stash instance to test.
If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot