Stash 1.2 : Connecting to Crowd

You can configure Stash to use Atlassian Crowd for user and group management, and for authentication.

Atlassian Crowd is an application security framework that handles authentication and authorisation for your web-based applications. With Crowd you can integrate multiple web applications and user directories, with support for single sign-on (SSO) and centralised identity management. See the Crowd Administration Guide.

Connect to Crowd if you want to use Crowd to manage existing users and groups in multiple directory types, or if you have users of other web-based applications.

To connect Stash to Crowd:

  1. Log in as a user with 'Admin' permission.
  2. Click Administration in the top menu.
  3. Choose Accounts > User Directories.
  4. Click Add Directory and select Atlassian Crowd.
  5. Enter settings, as described below.
  6. Test and save the directory settings.
  7. Define the directory order, on the 'User Directories' screen, by clicking the blue up- and down-arrows next to each directory. The directory order has the following effects:
    • The order of the directories is the order in which they will be searched for users and groups.
    • Changes to users and groups will be made only in the first directory where the application has permission to make changes.

Server settings

Setting

Description

Name

A meaningful name that will help you to identify this Crowd server amongst your list of directory servers. Examples:

  • Crowd Server
  • Example Company Crowd

Server URL

The web address of your Crowd console server. Examples:

  • http://www.example.com:8095/crowd/
  • http://crowd.example.com

Application Name

The name of your application, as recognised by your Crowd server. Note that you will need to define the application in Crowd too, using the Crowd administration Console. See the Crowd documentation on adding an application.

Application Password

The password which the application will use when it authenticates against the Crowd framework as a client. This must be the same as the password you have registered in Crowd for this application. See the Crowd documentation on adding an application.

Crowd permissions

Stash offers Read Only permissions for Crowd directories. The users, groups and memberships in Crowd directories are retrieved from Crowd and can only be modified from Crowd. You cannot modify Crowd users, groups or memberships using the Stash administration screens.

For local Stash directories, Read Only and Read/Write permissions are available.

Advanced settings

Setting

Description

Enable Nested Groups

Enable or disable support for nested groups. Before enabling nested groups, please check to see if the user directory or directories in Crowd support nested groups. When nested groups are enabled, you can define a group as a member of another group. If you are using groups to manage permissions, you can create nested groups to allow inheritance of permissions from one group to its sub-groups.

Synchronisation Interval (minutes)

Synchronisation is the process by which the application updates its internal store of user data to agree with the data on the directory server. The application will send a request to your directory server every x minutes, where 'x' is the number specified here. The default value is 60 minutes.