Integrating Crowd with Atlassian Bitbucket Server
You can use Crowd to provide external authentication, and to determine group memberships for authorization, for Atlassian's Bitbucket Server.
On this page:
Prerequisites
- Download and install Crowd. Refer to the Crowd installation guide for detailed information on how to do this. We will refer to the Crowd root folder as
CROWD
. - Download and install Bitbucket Server. Refer to either Getting started (if running the Bitbucket Server installer) or Install Bitbucket Data Center from an archive file, for detailed information on how to do this. We will refer to the Bitbucket Server root folder as
Bitbucket
.
Crowd Client JAR
Please make sure you use the default Crowd client JAR that ships with Bitbucket Server.
Step 1. Configuring Crowd to talk to Bitbucket Server
1.1 Prepare Crowd's directories/groups/users for Bitbucket Server
The Bitbucket Server application will need to authenticate users against a directory configured in Crowd. You will need to set up a directory in Crowd for Bitbucket Server. For more information on how to do this, see Adding a Directory. We will assume that the directory is called Bitbucket Directory for the rest of this document. It is possible to assign more than one directory for an application, but for the purposes of this example, we will use Bitbucket Directory to house Bitbucket Server users.
If you wish to use Crowd groups to control access to your Bitbucket Server projects, you should set up your groups in Crowd. See the documentation on Creating Groups for more information on how to define these groups.
Use Crowd to create at least one user in the Bitbucket Directory. If you are using groups, assign your user(s) to the appropriate groups. The Crowd documentation has more information on creating users and assigning users to groups.
1.2 Define the Bitbucket Server application in Crowd
Crowd needs to be aware that the Bitbucket Server application will be making authentication requests to Crowd. We need to add the Bitbucket Server application to Crowd and map it to the Bitbucket Directory:
- Log in to the Crowd Administration Console and navigate to Applications > Add Application.
- Complete the 'Add Application' wizard for the Bitbucket Server application. See the instructions.
When prompted for an Application Type, choose Generic Application if the Bitbucket Server option is not available.
Note that the Name and Password values you specify in the 'Add Application' wizard must match those for Application Name and Application Password that you will set in Bitbucket Server's 'Configure Atlassian Crowd Server' screen (see Step 2 below).
1.3 Specify which users can log in to Bitbucket Server
Once Crowd is aware of the Bitbucket Server application, Crowd needs to know which users can authenticate (log in) to Bitbucket Server via Crowd. As part of the 'Add Application' wizard, you will set up your directories and the group memberships that Bitbucket Server will use for authorization. If necessary, you can adjust these settings after completing the wizard.
You can either allow entire directories to authenticate, or just particular groups within the directories. If you only specific groups to be able to log in, please see Mapping a Directory to an Application and Specifying which Groups can access an Application.
1.4 Specify the address from which Bitbucket Server can log in to Crowd
As part of the 'Add Application' wizard, you will need to tell Crowd the IP address and/or hostname of the server that Bitbucket Server is connecting from. See Specifying an Application's Address or Hostname.
Step 2. Configuring Bitbucket Server to talk to Crowd
2.1 Connecting Bitbucket Server to Crowd
To set up Bitbucket Server to use Crowd authentication, follow the instructions in Connect Bitbucket to Crowd.
2.2 Configure group permissions in Bitbucket Server (if required)
If you have created groups in the Crowd directory which is mapped to your Bitbucket Server application (see Step 1 above), the Crowd groups can be seen in Bitbucket Server. Now you can set up group permissions for your Bitbucket Server projects. See Creating projects.
2.3 Configure Bitbucket Server to enable SSO with Crowd (optional)
Once the Crowd directory has been set up, you can enable Crowd SSO integration in Bitbucket Server. See Connecting to Crowd for details.