Documentation for Crowd 2.8. Documentation for earlier versions of Crowd is available too.

Skip to end of metadata
Go to start of metadata

10 March 2011

With great pleasure, the Atlassian Crowd team presents the extremely soft and gooey yet rock solid Crowd 2.2.2.

The latest releases of Crowd, JIRA and Confluence work hand in glove to offer a new GUI for rapid Crowd configuration. Crowd itself can now communicate with other Crowd installations, providing hassle-free identity sharing for larger organisations. With our new Crowd Query Language, developers using the Crowd REST API can construct powerful searches effortlessly. We've also improved the way users get automatically added to groups, for a more consistent experience.

(info) Crowd 2.2 and 2.2.1 were internal releases. Crowd 2.2.2 is the first publicly-available release of Crowd 2.2.x.

Highlights of this release:

Responding to your feedback:

(green star) 32 votes satisfied

Keep logging your votes and issues. They help us decide what needs doing!

Upgrading to Crowd 2.2.2

You can download Crowd from the Atlassian website. If upgrading from a previous version, please read the Crowd 2.2 Upgrade Notes.

Highlights of Crowd 2.2.2


Crowd Query Language

Developers will be delighted with the new Crowd Query Language (CQL). Using the Crowd REST API and CQL, you can easily search for and extract specific user and group information from Crowd. Just perform a GET request to the search resource with the restrictions expressed in CQL as a query parameter. Like JQL and EyeQL for JIRA and Fisheye, CQL allows for complex search functionality. Use parentheses to group restrictions and perform more complex searches.


  • To search for all users with an email address from a specific company:
    email = **
  • To search for users with email addresses containing '' or '' that have not been updated since December 2010:
    (email = ** OR email = **) AND updatedDate < 2010-12

For more information and examples, see the documentation.


Simple, Quick Configuration of JIRA and Confluence

The latest releases of Crowd, Confluence and JIRA bring a GUI-driven integration process. Yes, that's right, it's all in the UI. With Crowd 2.1 or later, Confluence 3.5 and JIRA 4.3, you can integrate Crowd via the administration consoles of each application. We have dramatically reduced the need to copy configuration files from place to place and to edit XML values.

We expect the dragon population to diminish quickly, as dragon slaying becomes much easier. Please note that we are targeting unfriendly, flame-blasting dragons only.


Connection to Other Crowd Servers

Crowd now supports connections to remote Crowd directories, allowing you to read and write user authentication, group and membership information from another Crowd installation. In particular, this benefits large installations that may have more than one Crowd installation and require identities to be sourced from multiple locations. See the documentation.


Improvements to the LDAP Connector

In previous releases there were two methods of adding users to LDAP: using the Crowd GUI, or adding them directly to the LDAP server and bypassing Crowd. If you were using an LDAP connector with the 'Default Group Membership' option configured, users added directly to LDAP would not be added to these default groups.

With Crowd 2.2.2, each time a user logs in via Crowd their username will be checked against the specified directory. If necessary Crowd will add the username to the specified default groups, regardless of how the user was added to the LDAP server. See the documentation.


Other Things Worth Mentioning

  • 32 bugs fixed.
  • Security improvements worth noting:
    • Crowd session tokens are now HttpOnly (CWD-1848).
    • Crowd now supports multiple X-Forwarded-For headers with multiple addresses (CWD-1836).
  • Support for automatic MS SQL database upgrades (CWD-2052).

Complete List of Improvements and Fixes

Key Summary P Status
CWD-962 Automation for delegated directories Major Resolved
CWD-1177 If one directory mapped to an application fails, the entire app should not be unusable. Major Resolved
CWD-1886 Non-Ascii emails are not readable Major Resolved
CWD-1655 Test Search always fails in the Directory Connector *Configuration* tab Minor Resolved
CWD-1934 Directory Importer does ignores LDAP group membership Major Resolved
CWD-2065 Email addresses with capital letters are incorrectly rejected Major Resolved
CWD-1848 crowd.token_key cookie should be HttpOnly Minor Resolved
CWD-2170 findUserWithAttributesByName of TranslatingApplicationService don't work correctly Major Closed
CWD-1482 when creating a new connector, nested groups checkbox doesn't stay checked Major Resolved
CWD-2284 Export fails if the user doesn't contain a password Minor Resolved
CWD-1836 Support HTTP X-Forwarded-For headers with more than one IP address Minor Resolved
CWD-2035 Support configuration from environment variables Minor Resolved
CWD-1758 Trusted Proxy Servers list comparison fails if the list entry has spaces Minor Resolved
CWD-2322 Verify EMBCWD-806 doesn't affect our Hibernate 3 DAO implementations Blocker Resolved
CWD-2242 The way the crowd-integration-client is configured in JIRA means that it cannot see the proeprties Blocker Resolved
CWD-2154 Update Atlassian importer to handle Confluence 3.5 and JIRA 4.3 Critical Resolved
CWD-2276 RemoteCrowdDirectory and ApplicationService throw InvalidAuthenticationException instead of UserNotFoundException when user cannot be found Critical Closed
CWD-2311 Crowd RemoteDirectory implementations should not throw RuntimeExceptions unless there is a catastrophic, system-wide, non-recoverable error Critical Resolved
CWD-2052 Support automatic database upgrade with MS SQL Critical Resolved
CWD-2279 CrowdDirectoryServiceImpl tries to change attributes of ImmutableApplication Critical Resolved
Showing 20 out of 125 issues Refresh

  • No labels