Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-1263

Provide flag to filter users/groups to client applications based on application's permission to authenticate.

    XMLWordPrintable

    Details

    • Feedback Policy:

      Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description

      When a directory is associated with an application in Crowd, all users and groups returned by the scope of the directory configuration are displayed in client applications. We should provide the ability to filter users/groups for client apps based on the ability to authenticate in the client app.

      • Setup an LDAP server with users, only some are added to a group.
      • Add the LDAP directory to crowd
      • Login to crowd and under Applications, click on "Add Application".
      • In the directories tab, remove the internal directory and add the LDAP directory (allow all to authenticate = false)
      • In the groups tab, add the LDAP group
      • Go to the users tab.

      Expected: Only users from the LDAP group to be present, the rest have no permission to authenticate and are not part of the valid groups.
      Actual: All users from the directory are present.

      This is a design decision in Crowd, as most customers want all users and groups to be present, regardless of the ability to authenticate. We may consider providing a toggle for this behaviour in the future, but it's not on a roadmap at present.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              donna@atlassian.com Donna McGahan [Atlassian]
              Votes:
              33 Vote for this issue
              Watchers:
              36 Start watching this issue

                Dates

                Created:
                Updated: