Crowd 2.4 : Crowd 1.3 Beta Release Notes

20 February 2008

Crowd 1.3 will be launched early in March 2008. A beta release is currently undergoing internal testing. These release notes apply to Crowd 1.3 beta. We'll publish the final release notes with the release of Crowd 1.3.0.


If you would like to participate in testing the beta release, please contact Crowd Support.

Upgrading to Crowd 1.3 Beta

If upgrading from a previous version, please read the Upgrade Notes.

What's Coming in Crowd 1.3


 LDAP Authentication with Crowd Groups and Roles

  • Crowd 1.3 provides a new directory type, Delegated Authentication, combining the features of a Crowd internal directory with delegated LDAP authentication.
  • This allows you to have your users authenticated via an external LDAP directory while managing the groups and roles in Crowd.
  • Use Crowd's flexible and simple group management when the LDAP groups do not suit your requirements. For example, you can set up a group configuration in Crowd for use with Confluence and other Atlassian products.
  • Avoid the performance issues which might result from downloading large numbers of groups from LDAP.
  • Use the new Directory Importer, described below, to synchronise your LDAP users with your Crowd directory.
  • When a user logs in for the first time, Crowd automatically adds them to the Crowd directory if not already present.


 Cross-Directory User Importer

  • Our new Directory Importer allows you to copy your users from one directory into another.
  • Provided that the directory is defined in Crowd, you can copy from and to any directory type.
  • For example, you might import users, groups, roles and memberships from an LDAP directory to a new Delegated Authentication directory (described above) so that you can manage the users, groups and roles in Crowd while allowing users to log in with their LDAP passwords.
  • Read about the Directory Importer.

 Streamlined User Interface

  • The Crowd Administration Console has a new menu structure and an enhanced look-and-feel.
    sed functions, so that an administrator has fewer steps to perform and interaction is more intuitive.
  • The 'Help' links on the Administration Console point directly to the relevant documentation pages.

 Simplified Installation and Setup

  • Database configuration is now part of the Setup Wizard, which will update the configuration files based on the options you select.
  • You can choose between a JNDI datasource (i.e. server-managed) or a simpler JDBC configuration.
  • When upgrading, you can import an XML backup of your Crowd database or connect to an existing database via the Setup Wizard. This means that you don't have to go through the whole Setup Wizard, nor do a manual backup and restore of your Crowd database files.

 Logging and Profiling Configuration via Console

  • Enable profiling and configure your logging levels via the Crowd Administration Console.

 Improved Performance and Efficiency

  • You'll notice faster search results on the Administration Console screens, such as the Application Browser and User Browser, etc.
  • That annoying 'POSTDATA has expired' message no longer appears when you click the 'Back' button.
  • Search results returned to a Crowd application are now sorted alphabetically — such as the list of groups shown in a Confluence group picker.
  • We've fixed the Hibernate StaleStateException error that was causing occasional performance degradation and authentication failures.
  • You can choose to store the login session tokens in the Crowd database (as done prior to Crowd 1.3) or in memory (new option as from Crowd 1.3). Depending upon your installation, in-memory storage could greatly improve response times during authentication. Read about configuring token storage.
  • Gzip compression of Crowd Security Server output is now optional. You can turn it on or off via the Crowd Administration Console. Some reasons why you may want to turn Gzip compression off:
    • It may be easier to debug problems using uncompressed data.
    • Some agents, such as older versions of Internet Explorer, have problems with the Gzip format.

 Highlights for the Developers

  • The Java client library API has been upgraded. Read more about the API changes and the upgrade notes.
  • You can pass the crowd.properties file to a client application as an environment variable.

Updates and Fixes in this Release

JIRA Issues (69 issues)
Key Summary Priority Status
CWD-897 Generic LDAP Directory type is displayed as OpenLDAP not Generic Major Closed
CWD-882 Unalble to update the 'active' flag of an Application Major Resolved
CWD-855 OGNL exceptions are thrown when remoing Groups and Roles in the Demo app Minor Resolved
CWD-849 Rationalise the path to crowd-init.properties that's displayed on startup Minor Resolved
CWD-847 Error message is confusing when no directories are mapped to an application Trivial Resolved
CWD-838 Updating any directory type in Crowd has multiple validation problems. Major Resolved
CWD-830 Change Crowd WAR deployment to zip archive. Major Resolved
CWD-829 When updating a Delegated or Connector based directory, required fields are not marked as required. Major Resolved
CWD-828 When updating an Internal Directory, there is no validation performed on the Configuration tab Major Resolved
CWD-824 Session timeout during the installation should be larger than 5 minutes Major Resolved
CWD-823 JDBC connection should default to MySQL Major Resolved
CWD-822 crowd-init.properties value not set error message during startup is not useful Major Resolved
CWD-818 Admin Console: Selected tab CSS needs tweaking for Windows compatability Minor Resolved
CWD-817 Default results per page to 100 Major Resolved
CWD-806 Fix log4j.properties so dates are displayed in log files. Major Resolved
CWD-805 Crowd's Add Directory Screen indicates we support Open Directory. Major Resolved
CWD-802 Allow to pass the contents of the crowd.properties programmatically to the crowd client Major Resolved
CWD-800 When associating a Group/Role to a Principal in the Demo application, an error is displayed Major Resolved
CWD-799 When creating a Group/Role to a Principal in the Demo application, an exception is thrown. Minor Resolved
CWD-798 When adding a Group or Role via the Demo app, the description field is not being persisted. Minor Resolved
CWD-790 Have you seen the client/lib directory lately? The current count is about 46 JAR files! Major Resolved
CWD-775 Add Logging & Profiling functionality into Crowd Admin screen. Major Resolved
CWD-768 Hibernate DAOs for Principals and Groups close the Hibernate Session when adding Critical Resolved
CWD-767 Crowd's Client libraries should be slimmed down to a single JAR file containing all required classes for a Crowd Client Major Resolved
CWD-765 File missing in 1.2.2 release Major Resolved
CWD-758 Hibernate StaleStateExceptions in Crowd Major Resolved
CWD-757 Crowd with delegated LDAP auth - update documentation for Bamboo-Crowd integration Major Resolved
CWD-739 Concurrency Issue in client libraries may result in multiple caches Major Resolved
CWD-738 Allow configuring of request logs in the Crowd client libraries. Blocker Resolved
CWD-731 OGNL Exception being thrown when updating a principal Major Resolved
CWD-728 The Internal Directory is throwing a java.lang.IndexOutOfBoundsException: Index: 0, Size: 0 on requiresPasswordChange() Major Resolved
CWD-727 Poor logging of a Token miss in the In-memory token cache. Major Resolved
CWD-726 java.lang.IllegalStateException: Can't overwrite cause exception seen in Crowd Major Resolved
CWD-724 Configuration classs for the LDAP importer Major Resolved
CWD-723 LDAP Importer, to migrate data from one directory into another. Major Resolved
CWD-720 Enable import from XML in the setup process Major Closed
CWD-716 Error when attempting to remove a group Major Resolved
CWD-711 The HTTPAuthenticator isAuthenticated method should initially check for a token Major Resolved
CWD-706 Fix logging on startup for the OpenID Server. Stop the logging of Hibernate INFO. Minor Resolved
CWD-703 Crowd OpenID WAR file is missing commons-logging jar. Critical Resolved
CWD-700 The isMember call for groups can be slow for very large groups in an Internal Directory Major Closed
CWD-699 Crowd SSO is incompatible with JIRA 3.12/Confluence 2.7 trusted application feature. Major Resolved
CWD-694 ehcache-1.2.3.jar is missing from client/lib folder. Major Resolved
CWD-688 Help links directly in the administration console Major Closed
CWD-686 Sort groups, users and roles before returning results to the security server client Major Resolved
CWD-685 Write System Info page to atlassian-crowd.log on Crowd startup Major Resolved
CWD-675 remove "cache-control: no-store" on search results pages Major Resolved
CWD-669 Adding group/role with prefixed space causes Hibernate error Major Resolved
CWD-666 Persistence system should use c3p0 so hibernate's default pooling system is not used. Major Resolved
CWD-654 Xalan is missing from the demo applications WEB-INF/lib folder. Blocker Closed
CWD-650 Update the crowd distribution module parent POM version to version 10 Major Resolved
CWD-649 Update the atlassian-crowd module parent POM version to version 7 Major Closed
CWD-646 Move FishEye connector outside crowd-core Major Resolved
CWD-645 Use Spring dependency injection for SecurityServerClient and HttpAuthenticator in Crowd applications Major Resolved
CWD-639 Crowd hanging client applications, error with token manager Critical Resolved
CWD-633 Allow the crowd.properties file to be passed to a Client application as an environment variable Major Resolved
CWD-622 Make SecurityServerClient not static Major Closed
CWD-586 start_crowd.sh and build.sh fail on Solaris Major Resolved
CWD-584 Adding a Principal to Sun DSEE 6.2 throws a NullPointerException Major Resolved
CWD-570 First Name not being displayed from Apache DS Minor Resolved
CWD-499 Creating Groups and Principals fails on 2000 Major Resolved
CWD-481 Support CRYPT encryption in OpenLDAP connector Major Resolved
CWD-466 Storing login tokens in an external DB is inefficient Critical Resolved
CWD-453 Crowd core jar breaks in Grails, need a new slimmed-down client jar Minor Resolved
CWD-427 OpenLDAP Connector should default to SSHA encryption. Major Resolved
CWD-389 GZip compression is optional through the administration console. Major Resolved
CWD-350 Tuckey rewrite filter dials home by doing a DNS lookup. Critical Resolved
CWD-208 Mixed authentication and authorization support for external directory connectors. Major Resolved
CWD-149 Config Test doesn't appear to obey Directory and Group rules Major Resolved

Attachments:

Delegate LDAP Authentication (text/xml)
LDAPDelegationDiagram.png (image/png)
5-sml.png (image/png)
4-sml.png (image/png)
3-sml.png (image/png)
2-sml.png (image/png)
1-sml.png (image/png)
7-sml.png (image/png)
6-sml.png (image/png)