What's the correct way to use Groups for Crowd using SSO?

Brian Louks October 26, 2011

I've been playing a bit with Crowd integration with JIRA and Confluence and using SSO. I have a single user base (just employees of my company). I want to use Single sign on between JIRA and Confluence.

I have JIRA 4.2.3, Confluence 3.4.9 and Crowd 2.3.3

Two questions:

  1. How many user directories should I have in Crowd? One directory for all employees, or one for each of JIRA and Confluence (where each employee has an account in both)?
    I assume it's one directory (Single Sign On doesn't appear to work when I add my users to both a JIRA and Confluence directory)
  2. Assuming I should go with one directory, how should I do groups? I have Confluence groups that I don't want to show up in JIRA, and I have JIRA groups that I don't want to show up in Confluence. But when I have a single directory, and I add a Confluence group to a user, that group also appears in JIRA for that user. And vice versa.

Any tips on how this should be set up?

1 answer

1 accepted

0 votes
Answer accepted
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
October 26, 2011

Use one directory and use groups in the applications to control athentication into the applications. Yes you will see all the groups from the directories in each application but those groups don't need to have 'use' permissions to those applications.

Oh and I guess, the group assignments etc.. really have nothing to do with SSO. You can't have some users supporting SSO and others not (that I'm aware of anyway)

Brian Louks October 26, 2011

Thanks for the confirmation. SSO only plays in because then I can't use different directories for different applications. If I wasn't using SSO, I could create a directory for each app, with identical user names in each, and keep the groups separate.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events