Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-1348

Client applications should only see principals which have been authorised to access the application

    XMLWordPrintable

    Details

    • Type: Suggestion
    • Status: Resolved (View Workflow)
    • Priority: Low
    • Resolution: Won't Fix
    • Affects Version/s: 1.5.2
    • Fix Version/s: None
    • Component/s: Administration
    • Labels:

      Description

      Atlassian Status as of 27 April 2011

      Hi folks,
       
      Thanks for your continued support and feedback, we wanted to give you an update on the status of this issue.
       
      Over the medium term, the direction we're taking with Crowd is to focus on scalability, reliability and performance. Unfortunately, it means that this feature is unlikely to be included in any near-term improvements to the product, as workflows and management don't align with our future direction.

      We are aware of the issue, and recognise that it is something that needs to be done, however, it's unrealistic that it will ship within the next 18 months.
       
      Regards,
      Eugene
      Atlassian Product Management

      Currently, a client application can "see" all the principals in the directories configured for that application.

      Ideally, if Allow All To Authenticate on a directory is set to False, only the principals that belong to the configured groups should be visible to the application. If Allow All To Authenticate on a directory is set to True, then the current behaviour of retrieving all groups is acceptable.

      In addition to the SSC findAllPrincipalNames() method, there should be some sort of findAllAuthenticatablePrincipalNames()

        Attachments

          Issue Links

          blocks

          Suggestion - CWD-1263 Provide flag to filter users/groups to client applications based on application's permission to authenticate.

          • Medium - Medium priority issues
          • Gathering Interest

          KRAK-452 Loading...

          causes

          Bug - A problem which impairs or prevents the functions of the product. FE-871 Re-Sync on crowd, will add all users in the directories rather than only the ones that belong to the configured group in the crowd application

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. BAM-4801 Integration with Crowd explodes user count

          • Low - Low priority issues
          • Needs Triage

          EMBCWD-924 Loading...

          has a derivative of

          Suggestion - CONFCLOUD-27854 Allow groups and users synced from a Crowd directory to be filtered

          • Resolved

          Suggestion - CONFSERVER-27854 Allow groups and users synced from a Crowd directory to be filtered

          • Resolved
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. CWD-4469 Users are synced with the application even if they don't have permissions to login

          • Low - Low priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CWD-4488 Not abiding by Crowd's Allow all to authenticate - False

          • Low - Low priority issues
          • Closed
          is related to

          Suggestion - CWD-432 Client applications should only see groups which have been allocated to them

          • Medium - Medium priority issues
          • Under Consideration
          mentioned in

          Page Loading...

          Page Loading...

            Activity

              People

              Votes:
              36 Vote for this issue
              Watchers:
              36 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Last commented:
                5 days ago