Atlassian's Crowd identity management system can be integrated with Bamboo. This allows you to use Crowd as a user directory manager for Bamboo.
The integration process requires you to configure Crowd to talk to Bamboo, then configure Bamboo to talk to Crowd. Hence, the instructions below reference the Crowd documentation. Ensure that you are referring to the correct version of the Crowd documentation.
If you have JIRA 4.3 or later, you can also manage your users via JIRA. The process for connecting Bamboo to JIRA for user management is the same as the process for connecting Bamboo to Crowd for user management (described below).
Bamboo 3.2 should work with versions of Crowd from 2.1 onwards. We recommend Crowd 2.3 or later for performance reasons. Versions earlier than 2.1 are not supported.
Step 1. Configuring Crowd to Talk to Bamboo
For instructions on how to configure Crowd to talk to Bamboo, please refer to the Integrating Crowd with Atlassian Bamboo for the latest version of Crowd, which can be found in the Crowd Administrator's Guide. If you are using an older version of Crowd, find the documentation from the Crowd documentation homepage.
Step 2. Configuring Bamboo to Talk to Crowd
- Click theicon and select Bamboo admin.
- Select User Repositories (under 'Security').
Choose Users and groups from JIRA or Crowd and configure the connection settings, as follows:
Enter the URL of your Crowd server:
If using Crowd 2.1 or older versions:
If using Crowd 2.2 or newer versions:
If your Crowd server's port is configured differently from the default (8095), set it accordingly.
Enter the application name that you specified when configuring Crowd in Step 1 above.
Select Change password and set the password that you specified when configuring Crowd in Step 1 above.
Cache Refresh Interval
Set to the number of minutes between requests to validate if the user is logged in or out of the Crowd SSO server. Setting this value to 1 or higher will increase the performance of Crowd's integration.
While valid, setting this value to 0 will cause performance issues on large installations - authentication checks will occur on each request. You can only set it to 0 directly in the xml configuration file.
Click this link to synchronise users and groups from Crowd to Bamboo. Note, this operation may take a long time depending on the number of users that need to be synchronised.
- Click Save
2.1 Configure External User Management in BambooIf you are connecting Bamboo to an external user management system and do not have rights to update user attributes there, you will need to prevent users from being updated in Bamboo. In this case, you should ensure that the Read-only External User Management? check-box is checked. For example, if Crowd directory permissions don't allow any remote changes, then Bamboo will give an error message if an attempt is made to change user account settings. We are tracking this bug: - BAM-12002Getting issue details... STATUS .
To configure the external user management option in Bamboo:
- Navigate to Administration > Security Settings.
- Click Edit.
Select the Read-only External User Management? checkbox. The table below outlines the correct configuration for Bamboo, depending on your external user management setup:
External User Management Setup
Read-only External User Management? check-box
Bamboo integrated with — Crowd using the Crowd database (i.e. Internal Directories)
Bamboo integrated with — Crowd connected to a read-only LDAP
Bamboo integrated with — Crowd connected to a read-write LDAP
Bamboo integrated with — Crowd with authentication-only delegated to LDAP.
- Click Save.
2.2 (Optional) Enable Single Sign-On
Single sign-on (SSO) is optional when integrating Bamboo and other Atlassian products with Crowd. To use centralised authentication without SSO, skip the steps below.
To enable single sign-on (SSO), you will configure Bamboo's authentication and access request calls to use Seraph. To configure Seraph-based authentication:
- Shut down Bamboo.
- Edit the
Comment out the
Add a new authenticator, by adding the following tag:
- Start Bamboo. Bamboo's authentication and access request calls will now be performed using Seraph.
- Test times for synchronising Bamboo-Crowd — As a guideline, we were able to synchronise 5000 users in six seconds in our internal tests using Crowd 2.3.1. Older versions of Crowd took three minutes to complete the same task.
- If you want to configure the Bamboo-Crowd connection settings manually (e.g. to change the proxy settings), you can find the
atlassian-user.xmlfiles in the