Crowd 2.4 : Crowd 2.2.2 Release Notes

10 March 2011


With great pleasure, the Atlassian Crowd team presents the extremely soft and gooey yet rock solid Crowd 2.2.2.

The latest releases of Crowd, JIRA and Confluence work hand in glove to offer a new GUI for rapid Crowd configuration. Crowd itself can now communicate with other Crowd installations, providing hassle-free identity sharing for larger organisations. With our new Crowd Query Language, developers using the Crowd REST API can construct powerful searches effortlessly. We've also improved the way users get automatically added to groups, for a more consistent experience.

(info) Crowd 2.2 and 2.2.1 were internal releases. Crowd 2.2.2 is the first publicly-available release of Crowd 2.2.x.

Highlights of this release:

Responding to your feedback:

(green star) 32 votes satisfied

Keep logging your votes and issues. They help us decide what needs doing!

Upgrading to Crowd 2.2.2

You can download Crowd from the Atlassian website. If upgrading from a previous version, please read the Crowd 2.2 Upgrade Notes.

Highlights of Crowd 2.2.2

 

Crowd Query Language

Developers will be delighted with the new Crowd Query Language (CQL). Using the Crowd REST API and CQL, you can easily search for and extract specific user and group information from Crowd. Just perform a GET request to the search resource with the restrictions expressed in CQL as a query parameter. Like JQL and EyeQL for JIRA and Fisheye, CQL allows for complex search functionality. Use parentheses to group restrictions and perform more complex searches.

Examples:

  • To search for all users with an email address from a specific company:
    email = *@mycompany.com*
    
  • To search for users with email addresses containing 'mycompany.com' or 'yourcompany.com' that have not been updated since December 2010:
    (email = *@mycompany.com* OR email = *@yourcompany.com*) AND updatedDate < 2010-12
    

For more information and examples, see the documentation.

 

Simple, Quick Configuration of JIRA and Confluence

The latest releases of Crowd, Confluence and JIRA bring a GUI-driven integration process. Yes, that's right, it's all in the UI. With Crowd 2.1 or later, Confluence 3.5 and JIRA 4.3, you can integrate Crowd via the administration consoles of each application. We have dramatically reduced the need to copy configuration files from place to place and to edit XML values.

We expect the dragon population to diminish quickly, as dragon slaying becomes much easier. Please note that we are targeting unfriendly, flame-blasting dragons only.

 

Connection to Other Crowd Servers

Crowd now supports connections to remote Crowd directories, allowing you to read and write user authentication, group and membership information from another Crowd installation. In particular, this benefits large installations that may have more than one Crowd installation and require identities to be sourced from multiple locations. See the documentation.

 

Improvements to the LDAP Connector

In previous releases there were two methods of adding users to LDAP: using the Crowd GUI, or adding them directly to the LDAP server and bypassing Crowd. If you were using an LDAP connector with the 'Default Group Membership' option configured, users added directly to LDAP would not be added to these default groups.

With Crowd 2.2.2, each time a user logs in via Crowd their username will be checked against the specified directory. If necessary Crowd will add the username to the specified default groups, regardless of how the user was added to the LDAP server. See the documentation.

 

Other Things Worth Mentioning

  • 32 bugs fixed.
  • Security improvements worth noting:
    • Crowd session tokens are now HttpOnly (CWD-1848).
    • Crowd now supports multiple X-Forwarded-For headers with multiple addresses (CWD-1836).
  • Support for automatic MS SQL database upgrades (CWD-2052).

Complete List of Improvements and Fixes

JIRA Issues (122 issues)
Key Summary Priority Status
CWD-962 Automation for delegated directories Major Resolved
CWD-1177 If one directory mapped to an application fails, the entire app should not be unusable. Major Resolved
CWD-1886 Non-Ascii emails are not readable Major Resolved
CWD-1655 Test Search always fails in the Directory Connector *Configuration* tab Minor Resolved
CWD-1934 Directory Importer does ignores LDAP group membership Major Resolved
CWD-2065 Email addresses with capital letters are incorrectly rejected Major Resolved
CWD-1848 crowd.token_key cookie should be HttpOnly Minor Resolved
CWD-2170 findUserWithAttributesByName of TranslatingApplicationService don't work correctly Major Resolved
CWD-1482 when creating a new connector, nested groups checkbox doesn't stay checked Major Resolved
CWD-2284 Export fails if the user doesn't contain a password Minor Resolved
CWD-1836 Support HTTP X-Forwarded-For headers with more than one IP address Minor Resolved
CWD-2322 Verify EMBCWD-806 doesn't affect our Hibernate 3 DAO implementations Blocker Resolved
CWD-2242 The way the crowd-integration-client is configured in JIRA means that it cannot see the crowd.property.http.proxy.host/crowd.property.http.proxy.port proeprties Blocker Resolved
CWD-2124 Give some sort of feedback in UI if sync fails Critical Resolved
CWD-2154 Update Atlassian importer to handle Confluence 3.5 and JIRA 4.3 Critical Resolved
CWD-2276 RemoteCrowdDirectory and ApplicationService throw InvalidAuthenticationException instead of UserNotFoundException when user cannot be found Critical Resolved
CWD-2279 CrowdDirectoryServiceImpl tries to change attributes of ImmutableApplication Critical Resolved
CWD-2311 Crowd RemoteDirectory implementations should not throw RuntimeExceptions unless there is a catastrophic, system-wide, non-recoverable error Critical Resolved
CWD-2052 Support automatic database upgrade with MS SQL Critical Resolved
CWD-1791 Improve Crowd API for embedded usage Major Resolved
CWD-2275 DbCachingRemoteDirectory.authenticateAndEnsureInternalUserExists clones the group memberships but does not check if the user is already a member Major Resolved
CWD-2198 ApplicationServiceGeneric swallows errors when removing Users from Groups Major Resolved
CWD-2088 Javadoc API classes in Crowd Major Resolved
CWD-2177 Add sync "status" feedback to common UI plugin Major Resolved
CWD-2186 Create a load test for concurrently synchronising multiple directories Major Resolved
CWD-2221 Unhandled exception when adding user when linked to a Crowd Server that is set as Read-Write but the directory does not have write permissions. Major Resolved
CWD-2184 Allow RemoteCrowdDirectory to pass in the connection properties for the underlying CrowdRestClient Major Resolved
CWD-2114 Move ConnectionPoolProperties stuff into crowd-ldap as it is not embcwd specific Major Resolved
CWD-2194 Application Management REST API should have option to add the address of the current HTTP request Major Resolved
CWD-2205 Error when clicking Cancel on the "Permissions" tab when adding/updating an application. Major Resolved
CWD-2268 Authentication should skip over failing directory in ASG Major Resolved
CWD-2004 Upgrade Template Renderer to 1.2 Major Resolved
CWD-2107 Split crowd-server module so that the crowd-rest plugin can be dropped into JIRA Major Resolved
CWD-2117 CrowdService membership removal should not throw MembershipNotFoundException Major Resolved
CWD-2123 Get Crowd SSO working with JIRA 4.3 Major Resolved
CWD-2116 Create integration test for custom remote directories Major Resolved
CWD-2128 Add unit tests for the Pony2 directory Major Resolved
CWD-2129 Remove dependency on Xalan from Crowd Embedded. Major Resolved
CWD-2098 MembershipQuery.isFindMembers() should be .isFindChildren() Major Resolved
CWD-2126 Introduce ApplicationNotFoundException Major Resolved
CWD-2113 Package the REST functional tests for JIRA Major Resolved
CWD-2122 Add ability in ApplicationService to check if a user is authorised to authenticate with an application Major Resolved
CWD-2125 *NotFoundException should subclass ObjectNotFoundException Major Resolved
CWD-2238 User should exist in the local directory after successful authentication Major Resolved
CWD-2272 Fire event on successful authentication Major Resolved
CWD-2274 DelegatedAuthenticationDirectory throws OperationFailedException if a user already exists when attempting to be cloned Major Resolved
CWD-2134 Upgrade to Integration Platform 2.9 Major Resolved
CWD-2005 Upgrade AUI to 3.2 Major Resolved
CWD-2228 ImmutableApplication.getDirectoryMapping(long) does not work correctly Major Resolved
CWD-2243 Release Crowd 2.2-rc1 Major Resolved
CWD-2223 If LDAP entry only has "sn" attribute, the first word gets cut when updating user from Jira (loss of information) Major Resolved
CWD-2121 Review the initialisation of LDAP Connection Pool settings in the system properties Major Resolved
CWD-2103 Case-insensitive String comparison is not tied to a locale Major Resolved
CWD-2175 Verify that it's possible to connect Confluence to JAACS in Confluence's setup process Major Resolved
CWD-2197 Unable to add groups to LDAP directory through crowd UI Major Resolved
CWD-2171 Allow users to choose source directory when import from crowdified Jira and Confluence Major Resolved
CWD-2133 Upgrade to Integration Platform 2.8 Major Resolved
CWD-2132 Upgrade to Integration Platform 2.7 Major Resolved
CWD-2257 Import functionality does not take into account nested groups. Major Resolved
CWD-2260 Deprecate roles in the Role Browser UI Major Resolved
CWD-2261 Announce discontinuation of JDK 5 support Major Resolved
CWD-2270 Automatic group adding should be performed on successful authentication instead of user creation Major Resolved
CWD-2271 Update UI to explain the new behaviour Major Resolved
CWD-2296 Crowd's password encoder plugins should be marked as system plugins Major Resolved
CWD-2306 Branch Crowd 2.2.1 and release RC1 Major Resolved
CWD-2112 Functional test with Confluence pointing RemoteCrowdDirectory at JIRA Major Resolved
CWD-2328 Update the default connection pool size for different database implementations to more realistic value Major Resolved
CWD-2285 Release Crowd 2.2.0 final and EMBCWD 1.0 final Major Resolved
CWD-2321 Crowd source distribution fails when doing release:perform Major Resolved
CWD-2288 Update our TPM load build to spit out CSV data consumable by the Bamboo JMeter plugin Major Resolved
CWD-2308 Logging for membership sync is too verbose Major Resolved
CWD-2191 Verify that it's possible to connect Confluence to JAACS using UAL in Confluence's setup process Major Resolved
CWD-2209 Allow directory type selection in the delegated authentication directory in EMBCWD plugin Major Resolved
CWD-2118 Read-only LDAP isn't - need separate permissions UPDATE_USER_ATTRIBUTE, UPDATE_GROUP_ATTRIBUTE for setUserAttribute, setGroupAttribute and friends Major Resolved
CWD-2130 Crowd upgrade creates null trusted proxy entry Major Resolved
CWD-2210 Implement group membership add on first auth Major Resolved
CWD-2207 Embedded UI Plugin needs to support delegated authentication directories properly Major Resolved
CWD-2208 Allow copy on auth in the delegated authentication directory in EMBCWD plugin Major Resolved
CWD-2089 Javadoc crowd-integration-api Major Resolved
CWD-2176 RemoteCrowdDirectory.updateUser() can throw IllegalArgumentException Major Resolved
CWD-2273 Change AutoGroupAdderListener to listen to the new event Major Resolved
CWD-2185 Allow nested groups to be disabled in the RemoteCrowdDirectory Major Resolved
CWD-2189 Hibernate Backed Classes should not have immutable collections passed in Minor Resolved
CWD-1721 Expose servlet module manager as host component Minor Resolved
CWD-2093 Javadoc crowd-persistence Minor Resolved
CWD-2206 Embedded UI Plugin does not merge existing attributes when updating the directory Minor Resolved
CWD-2085 Crowd source distribution builds incorrect build.sh / build.bat file Minor Resolved
CWD-1749 Umlaut and Accented Characters are not encoded properly in mails sent by crowd Minor Resolved
CWD-1984 During the installation wizard, emails with Uppercased Chars are not accepted Minor Resolved
CWD-2017 Extra tests for directory synchronisation Minor Resolved
CWD-2204 Crowd does not build against JDK 1.5 Minor Resolved
CWD-2091 Javadoc crowd-integration-client-common Minor Resolved
CWD-2226 Unhandled exception when trying to add group and Crowd Server does not have the "Add Group" permission Minor Resolved
CWD-1963 Provide a search query language to search for users / groups / memberships Minor Resolved
CWD-2138 Refactor TrustedProxyManager to store allowed proxies in a separate cache Minor Resolved
CWD-2102 Fix serialization issue with CrowdEmbeddedApplication Minor Resolved
CWD-2115 Http status code 401 not handled correctly in Crowd rest client Minor Resolved
CWD-2156 Invalid link Minor Resolved
CWD-2157 Update developer docs for Crowd 2.1 Minor Resolved
CWD-2158 memberOf Option missing from view Active Directory screen Minor Resolved
CWD-2097 Javadoc embedded-crowd-spi Minor Resolved
CWD-2084 Crowd component poms inherit wrong scm info, preventing source distributions Minor Resolved
CWD-2141 Don't allow empty Trusted Proxies Minor Resolved
CWD-1840 Remove dependency on Atlassian-User Minor Resolved
CWD-2173 crowd-integration-client-2.2.0-m4.jar not shading atlassian-cookie-tools-2.0.jar properly Minor Resolved
CWD-2232 Add better version information to Crowd's REST services Minor Resolved
CWD-2247 Export fails if an LDAP user doesn't have an email address defined Minor Resolved
CWD-2255 Add log messages to class MailManagerImpl Minor Resolved
CWD-2104 Add Application's 'Resolve IP Address' fails with IPv6 literals Minor Resolved
CWD-2283 Please update the help-paths.properties file for Crowd 2.2 Minor Resolved
CWD-2269 CachedCrowdGroupDao does not cache locally added groups in Confluence Minor Resolved
CWD-2316 DelegatedAuthenticationDirectory should not allow update a user's credential Minor Resolved
CWD-2317 Throw an OperationNotSupportedException in RemoteDirectory implementations Minor Resolved
CWD-2263 Invalid Directory validation appears twice when adding a user with no directory selected Minor Resolved
CWD-2182 Support configuration of HTTP socket and request timeouts in REST client Minor Resolved
CWD-1518 a single Capital in a email address after a dot is not accepted Minor Resolved
CWD-2095 Javadoc embedded-crowd-api Minor Resolved
CWD-2094 Javadoc crowd-remote (RemoteCrowdDirectory) Minor Resolved
CWD-2096 Javadoc embedded-crowd-core Minor Resolved
CWD-2168 SpringLDAPConnector doesn't throw OperationFailedException from CommunicationException when LDAP server connection refused Minor Resolved
CWD-2090 Javadoc crowd-integration-client-api Minor Resolved
CWD-2092 Javadoc crowd-integration-client-rest Minor Resolved

Attachments:

LDAPCachingOverviewFromGliffyDiagram.jpg (image/jpeg)
LDAPCaching-2.1-ReleaseNotes (application/octet-stream)
ConnectionPoolForReleaseNotes.png (image/png)
dummy (text/xml)
ForgotPassword.png (image/png)
crowd-crowd2.png (image/png)
JIRACrowdConfig.png (image/png)
crowd-crowd2.png (image/png)
crowd-crowd-diagram.png (image/png)