Hi, we would like to allow new users to our Atlassian ecosystem to automatically be added to Crowd (we use a delegated LDAP connector to actually authenticate). I've been looking at the Crowd source code, and there appears to be a way to add a completely independent directory (sub-class RemoteDirectory), but we want to have something like this instead:
1 - intercept attempt to authenticate (i.e. be the top directory in the directory stack)
2 - look in the other directories to see if the user already exists in say "jira-users". We don't want to go to LDAP, because we don't care about the authentication, we want to let the normal delegate directory do that...but before that happens we want to always pre-add the user to the delegated LDAP directory.
3 - if the user isn't in jira-users (of the delegated directory) yet, then add them.
4 - always fail authentication (always fall through to the next directory). I guess if we know what the actual delegate directory is we could just call its authenticate method and return that result to be a little more efficient.
It seems reasonable, but to do that, I think we need to instantiate things like the SystemInfoHelper to be able to fetch a DirectoryManager and list/query the other directories...but in all the various classes I've looked at, you have to provide cache instances or loader instances, and I don't know where to get or how to generate them.
I guess I could go through ALL of the Crowd source code and figure the whole thing out, but that seems like a lot of overkill to do what other people must have already done several times. This is a standard enterprise kind of feature; incrementally add users from the big corporate LDAP. Surely others have done this already? Is this the best approach? Does anyone know of an example implementation they can share?
I did look at:
But I don't think it's checking the existing directories, just going straight to custom data like a database. This plugin looked promising:
But the source code doesn't exist anymore. Does anyone happen to have a copy of it? I was thinking maybe I could look at it to see how it uses the existing Crowd classes (even though it's for a much older version of Crowd).
I also looked in the Crowd admin panel hoping that I had just overlooked a simple "auto-add" users option, but I couldn't find one anywhere. There is a feature for adding users to a group the first time they authenticate, but that means adding the user to the LDAP directory already...in our case that would mean importing 30-40,000 users...we don't want to do that, we want incremental addition and incremental addition to groups at the same time.
I guess maybe I should try to dig up the actual LDAP implementation inside Crowd and see what it does on the first time lookup of a user.
If you have any tips/pointers on doing "auto-add" of users incrementally, please let me know...