Very few changes it looks like, just bugfixes. It is horribly documented versus other Atlassian products and it isn't mentioned in some places like the Atlassian blogs. Can anyone give any insight? Is this something we should keep on continue to pay? Lack of SAML and OAuth Support leave a pretty expensive product with very little features IMO.
Speaking as a Crowd developer, we are still working on Crowd. Much of our recent work has been focussed on improvements for On Demand (some of which carries over) and other not-immediately-visible things like performance and consistency improvements, but we do still intend to release 2.8.0 with new features soon.
Is there a particular part of the documentation that you'd like to see improved?
Woohoo. We are using Download version so that may be why.
I'm interested in your opinion why Crowd doesn't have OAuth or SAML Support? We currently have a seperate database that has clones of each application just to hold a 'redirect url' field and implemented our own OAuth that uses pycrowd behind the scenes for authentication. This is okay, but frustrating to maintain 2 lists.
I also find it frustrating that even when we only sync specific groups with other Atlassian products, it shares all users. I.E. Group A only has 50 people, but after syncing, Stash shows all 500 users, not the just the 50 that have access to the app.
Another frustration is probably confluence-specific where licenses are counted even though users are inactive in Crowd if they are in an active group that has permission to Crowd. I had to write a script that removes inactive employees from all groups to resolve that issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Are you using LDAP for these users? If so you might want to try and create a more specific filter query on LDAP to refine the list. Just an idea.
The last item sounds like a bug ... hopefully fixed in a later version of Crowd? Caspar?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
My opinion (as in personal opinion, not Atlassian-sanctioned, etc) as to why we don't have full SAML support is that traditionally Atlassian has sold to smaller companies first (or small groups within larger companies), for whom SAML hasn't been a priority. Now that Atlassian is targetting enterprises directly, I wouldn't be surprised if we eventually reverse the "no full SAML" decision of years ago (before I was working on Crowd). However, I would expect that would rank *after* other enterprise-focussed features like clustering/high availability.
As for OAuth, my opinion (again, personal opinion, not speaking on behalf of Atlassian, etc), it's more likely we'd add support for app authentication via OpenID first (with the separate openid server becoming part of Crowd), before possibly adding support for OpenID Connect.
Again, this is not our official roadmap - just some personal thoughts on what I think we might end up doing.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I read that last one as "inactive users in Crowd still get sync'd to Confluence and considered to be active by Confluence due to their group memberships", which is working as designed as far as I know (unfortunately).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Kyle,
Sorta guessing here but if the user cannot be found then when indexing/displaying history of the object exceptions are thrown in the log - I know this is true for JIRA and believe it's true for Confluence.
So if your inactive Crowd users didn't sync over to Confluence they wouldn't be 'seen' by the indexer - and so they would generate a bunch'a NPE's, caught in exception blocks, and throw stack traces.
The best approach is to 'deprecate' the user as part of the company's 'goodbye' process - moving their Atlassian account into one that isn't counted against any of the related application licenses. As far as users not in groups setup via crowd for access to the apps 'appearing' in the user lists IDK. Taking a look at our local stash instance to test.
-wc
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, same question one year later . A new release (3.0 ?) is it planned ? with a global avatar management ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.