JForum Authentication Client



Product Versions



Adrian Pillinger


Dolby Laboratories, Inc. (









Download JAR


Download Source


Plugin jar for JForum to allow authentication to occur against a crowd instance instead of JForum's own authentication.


  • User login authentication against crowd.
  • Auto-registration of users with JForum on 1st login if they are successfully authenticated by crowd.

Auto-registration is particularly useful if you configure Crowd to delegate authentication to a directory such as LDAP which contains all company users. The first time a company employee logs into JForum with crowd he/she will automatically be registered with JForum.


Building the source

Skip this step if you do not want to change the source code and download the pre-built jar instead (see above).

Setup for build

  1. Download the source zip (see above)
  2. Install Maven 2 if not already installed
  3. Unpack the zip to your preferred location
  4. At the command line go into the unpacked zip's directory
  5. Run the following command to install JForum's jar into Maven so the project will compile
    mvn install:install-file -Dpackaging=jar -DartifactId=jforum -Dversion=2.1.8 -Dfile=lib/jforum-2.1.8.jar -DgroupId=net.jforum -DgeneratePom=true

Edit, compile and build source code

  1. Edit the source files found in src/main/java as required
  2. At the command line go into the unpacked zip's directory
    • Run the following command to build the jar
      mvn clean install
    • Run the following command to build the javadoc
      mvn javadoc:javadoc

JAR files and Javadoc will be found in the generated target directory.

Installing and Configuring the authenticator in JForum

Install the JAR and supporting crowd libraries

Copy the jforum-crowd-authenticator-X.X.jar and all client libraries supplied with crowd standalone download to jforum.war/WEB-INF/lib.
i.e. crowd-integration-client-x.x.x.jar and the contents of the lib directory all within atlassian-crowd-x.x.x/client directory

See Crowd Downloads.

I had a version clash with log4j when I performed this in JBoss so I needed to remove log4j from jforum.war/WEB-INF/lib

Configure JForum Authentication

Edit jforum.war/WEB-INF/config/ and update the login.authenticator line to

login.authenticator = com.dolby.crowd.integration.JForumCrowdAuthenticator

Configure JForum crowd connectivity

Add a file to jforum.war/WEB-INF/classes configured for your crowd instance. An example is supplied with crowd (see atlassian-crowd-x.x.x/client/config) e.g.


The main properties that require amending in the properties file are:

Setup Crowd

Create a new application in crowd with the name and password that matches the you installed in JForum. See crowd docs on configuring a new application in crowd and adding users/groups etc.

Running JForum

Start up JForum and go to JForums login page. Logging in will now authenticate against crowd and if the user is authenticated by crowd but has not been authorised in crowd the user will automatically be registered in JForum.


Version History




Initial authenticator client


Updated to store dummy password in JForum instead of actuall password. This is due to JForum storing passwords in plain text



  1. Cool!  I tried installing this in a JForum instance using your instructions, and it worked great out of the box. Good work!

    One thing that would be really cool is to add SSO support to the plugin, so that if someone is signed onto a different Crowd-enabled app and links over to JForum, they'd stay logged in.  I'm not sure what the complexity would be for that, but it would definitely be handy.

  2. Great plugin! Thank you very much! I agree that SSO support would be cool, as would reading groups from Crowd.

    I'll also note that in order to make it work under Tomcat, I had to install the xfire jar and some of it's dependancies.

    1. I've written an SSO implementation for JForum-Crowd. It's my first time writing code for JForum and for Crowd, so I'd appreciate anyone's input on the code:

      I want to add in Group syncing on auth, but I haven't done it yet.

      1. Just added Group syncing during auth as a configurable option.

          1. Cool! Cheers for letting me know, I'll try and check it out soon.


  3. Some observations on JForum - Crowd integration and SSO implementation. 

    1.  If users and groups are deleted in Crowd, it is not getting reflected in JForum.

    2.  If SSO is enabled and enabling crowd authentication for JForum, a logged confluence user when logs out of confluence doesn't automaticallly logs him out of JForum. His session is still visible in "Who is Online" page of JForum.   When again the user logs into Confluence and then accesses JForum, his name is reflected as Anonymous in Who is Online page of JForum.