This page last changed on Feb 25, 2007 by justen.stepka@atlassian.com.

Integration with Crowd is straightforward. When an application client makes a security request to the server, the following happens:

  • The application client authenticates with the security server and receives a token, which the application client may reuse in follow-up calls. During this step the security server validates the client's credentials and checks the remote address against the known client addresses.
  • Using the authenticated token from the previous step, the application client can then perform the security request.

Crowd ships with pre-built integration classes that handle the authentication and token management for application clients. Should the token used for a request become invalid, the client library will attempt to re-authenticate and perform the security request. If the second authentication request fails, an exception is thrown specifying that the application client credentials are invalid.
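The token reuse and single re-authentication described above, as an added sketch that is not Crowd's integration code or API. The class and method names (`StubSecurityServer`, `ApplicationClient`, `find_principal`) and the sample credentials and addresses used with it are assumptions made for illustration.

```python
import secrets

class InvalidToken(Exception):
    """The application token is unknown or no longer valid."""
class InvalidCredentials(Exception):
    """The application client's credentials or source address were rejected."""

class StubSecurityServer:
    """Constructed in-memory stand-in for the security server (not Crowd code)."""
    def __init__(self, apps):
        self.apps = apps      # name -> (password, set of known client addresses)
        self.tokens = {}      # issued token -> application name

    def authenticate_application(self, name, password, remote_addr):
        known = self.apps.get(name)
        # Validate the credentials and the remote address against known addresses.
        if (known is None or not secrets.compare_digest(known[0], password)
                or remote_addr not in known[1]):
            raise InvalidCredentials(name)
        token = secrets.token_hex(16)
        self.tokens[token] = name
        return token

    def find_principal(self, token, username):
        if token not in self.tokens:
            raise InvalidToken()
        return {"name": username}

class ApplicationClient:
    """Hypothetical client wrapper: caches the token, re-authenticates once."""
    def __init__(self, server, name, password, remote_addr):
        self.server, self.creds = server, (name, password, remote_addr)
        self.token, self.auth_calls = None, 0

    def _authenticate(self):
        self.auth_calls += 1
        self.token = self.server.authenticate_application(*self.creds)

    def _call(self, operation):
        if self.token is None:
            self._authenticate()
        try:
            return operation(self.token)
        except InvalidToken:
            # Token became invalid: authenticate a second time and retry once.
            # If that fails, InvalidCredentials propagates to the caller.
            self._authenticate()
            return operation(self.token)

    def find_principal(self, username):
        return self._call(lambda tok: self.server.find_principal(tok, username))
```

The `auth_calls` counter exists only so the behaviour can be observed: it stays at 1 while the token is reused and increases only when the server rejects the cached token.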

The Crowd framework allows the application client to perform the following:

  • Authenticate a principal.
  • Validate and invalidate an existing principal authentication.
  • Find a principal by their authentication token.
  • Search principals, groups and roles by name or attributes.
  • Add principals, groups and roles.
  • Validate principal group and role membership.
  • Add and remove principals from groups and roles.
  • Update principal attribute data.
  • Update or reset a principal's authentication credentials.

For reference, the Crowd download archive contains the entire source to the demo application, located in the src folder of the archive. The demo application highlights best practices when using the Crowd framework and can be used as an example when integrating your web applications.

Communication Sequence Example


Document generated by Confluence on Mar 08, 2007 18:50