Configuring directories for failover authentication

Adding an extra user directory for failover authentication means that when the primary directory is unavailable (e.g. due to a connection timeout), Crowd will authenticate your users by trying the next directory from the list. It works like a backup directory for authentication and ensures that your users can log in even if the primary directory is not working.

To add a failover authentication directory:

  1. Log in to the Crowd Administration Console.
  2. Click the 'Directories' link in the top navigation bar.
  3. This will display the Directory Browser. Click the 'Add Directory' link.
  4. This will display the 'Select Directory Type' screen. Choose the 'Delegated Authentication' directory type.
    For details on how to configure this type of directory, see Configuring a Delegated Authentication Directory.
  5. Map the failover directory to the right application that already uses the primary directory.
  6. The failover directory will appear at the bottom of the list. Use the blue up-arrow or down-arrow to move it right after the primary directory.

Note

  • Map the failover directory to each application you’d like to use it for.
  • Specify the same user access rights for the primary and failover directories (either all users can log in, or only specific groups.)

Example

The following example shows a simple scenario, where a failover directory is added to Crowd.

  1. A remote directory Directory 1 is defined in Crowd.
  2. Two applications are using this directory – Jira and Confluence.
  3. A replica of this directory is in your infrastructure, but it hasn't been added to Crowd yet.

You define an extra directory in Crowd that points to the replica. If Directory 1 is down, Crowd will use the replica to authenticate your users. Your setup should then look like in the image below:


Last modified on Oct 11, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.