Crowd 3.4 Upgrade Notes

Before upgrading to Crowd 3.4, read the following sections to make sure you're aware of all the important changes. We highly recommend that you read about all the new features in the Crowd 3.4 Release Notes.

Known issues & Security considerations

Infinite-authentication-loop in Confluence and Jira

If you’re using SAML authentication with Crowd in Confluence or Jira and you encounter a restricted area in one of these applications, you’ll be redirect to Crowd to authenticate. Once you authenticate in Crowd, you’ll be redirected back to your application. Since you don’t have permissions to access that particular area, the application redirects you again to Crowd this way creating an infinite loop. The Crowd team is currently working on a solution to this issue.


Protection against brute-force attacks

If you’re using an external directory with Crowd, it will protect you against such brute-force attacks as submitting many passwords or passphrases to a log in page. However, for internal directories, there’s no limit for passwords attempts by default. To enable the maximum password attempts, in your directory click the configuration tab and set the maximum password attempts to >0. See Configuring an Internal Directory

Upgrade procedure

To upgrade Crowd from any of the earlier versions,  follow these upgrade instructions.


Last modified on Mar 13, 2019

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.