Please, Please, Please. Fix this.

The issue mentioned by Chris 5 months ago, JRA-60747 was fixed in the meantime.

This bug is a huge pain for us and a lot of our customers, as we have to manually sync everytime a new user was created.

People even have to create plugins or write scripts to work around this issue. This results in a lot of frustration and unnecessary waste of resources.

It's unfortunately that over-arching design flaws like this aren't managed / addressed together by Atlassian.

CWD-2650 was just fixed, and JRA-60747 is Awaiting Development. How long before work begins on the same problem in Confluence (and Bamboo)? After waiting 4.5 years to get this fixed, it would be great to have a date when this issue will be fixed across the entire Atlassian stack rather than piecemeal fixes being released.

I just fear this flaw will be fixed in some Atlassian products, but other individual Atlassian product teams will continue to sit on it for another 4.5 years...

Bump!

We have crowd delegating our authentication to LDAP. I have just received a notification that crowd support for apache will be discontinued. As things are SSO is the only feature that, to us, gives crowd some value. But this feature is crippled by this issue. At this point I'm starting to have some doubts about our investment in this tool.

From our testing Jira, Confluence and Bamboo have this issue, while Crucible and Stash work without a problem and sync the user on first login.

This problem is a real deal breaker for Crowd SSO used with AD delegated authentication, since when you create a new use in AD, that user won't end up into Crowd until the user tries to login into one of the Crowd applications, but when the user tries to login into e.g. Confluence, it will get an error and will have to wait for the next Confluence sync to be able to login.

But the biggest deal breaker is that the Confluence automatic sync doesn't mean a thing here, since until the user ends up in Crowd it will never sync with Confluence, so the user has to login and fail on the first attempt.

This affects also JIRA and I guess all other Atlassian products providing the sso authenticator.
Affected is also Seraph 2.6.0 in the products

That's pretty clear after almost 2 years. Perhaps you should consider open sourcing some of the integration code so we could fix it ourselves when you can't find the time to fix bugs you introduce between your products.

I like the "for us" part of it. I couldn't have written it better.

Hi There

Due to a number of factors, although we acknowledge that this issue exists and needs to be resolved it is not a top priority for us at this time.

Regards

shaffenden: Yes, I just tested in 5.1.3. If I create a new user in my existing Delegated LDAP Directory and log into Crowd directly with the credentials, my user authenticates successfully. If I then go to Confluence prior to a Crowd sync, login fails:

2013-06-20 12:50:23,105 WARN [http-9130-5] [atlassian.seraph.auth.DefaultAuthenticator] login login : 'steve' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

I then go back into Confluence as an admin, sync the Crowd directory, and 'steve' logs in successfully. There should be a one-time lookup when a use auths via the SSO class and their name is not in the DB cache yet, similar to how the check is made in the default authenticator class for Confluence.