Client applications should only see principals which have been authorised to access the application

    • Type: Suggestion
    • Resolution: Duplicate
    • None
    • Core features

      Currently, a client application can "see" all the principals in the directories configured for that application.

      Ideally, if Allow All To Authenticate on a directory is set to False, only the principals that belong to the configured groups should be visible to the application. If Allow All To Authenticate on a directory is set to True, then the current behaviour of retrieving all groups is acceptable.

      In addition to the SSC findAllPrincipalNames() method, there should be some sort of findAllAuthenticatablePrincipalNames()
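
An added example, not part of the original issue and not Crowd's code: a self-contained Java model of the visibility rule the description asks for, next to the current behaviour. The `Directory` record, its fields and the sample data are hypothetical; only the two method names come from the issue.

```java
import java.util.*;

// Hypothetical model for illustration; this is not the Crowd API.
public class VisiblePrincipals {
    // One directory mapped to a client application.
    record Directory(String name,
                     boolean allowAllToAuthenticate,
                     Set<String> principals,                 // every user in the directory
                     Map<String, Set<String>> groupMembers,  // group name -> member names
                     Set<String> authorisedGroups) {}        // groups granted access to the app

    // Current behaviour described in the issue: every principal in every mapped directory.
    static SortedSet<String> findAllPrincipalNames(List<Directory> mapped) {
        SortedSet<String> names = new TreeSet<>();
        for (Directory d : mapped) names.addAll(d.principals());
        return names;
    }

    // Requested behaviour: only principals that are able to authenticate to the application.
    static SortedSet<String> findAllAuthenticatablePrincipalNames(List<Directory> mapped) {
        SortedSet<String> names = new TreeSet<>();
        for (Directory d : mapped) {
            if (d.allowAllToAuthenticate()) {   // "Allow All To Authenticate" = True
                names.addAll(d.principals());
                continue;
            }
            for (String group : d.authorisedGroups()) {
                Set<String> members = new HashSet<>(d.groupMembers().getOrDefault(group, Set.of()));
                members.retainAll(d.principals()); // drop memberships for users no longer in the directory
                names.addAll(members);
            }
        }
        return names;
    }

    public static void main(String[] args) {
        // Constructed sample data.
        Directory staff = new Directory("staff", false,
            Set.of("alice", "bob", "carol"),
            Map.of("jira-users", Set.of("alice"), "hr", Set.of("bob", "carol")),
            Set.of("jira-users"));
        Directory contractors = new Directory("contractors", true,
            Set.of("dave"), Map.of(), Set.of());
        List<Directory> mapped = List.of(staff, contractors);
        System.out.println("all:             " + findAllPrincipalNames(mapped));
        System.out.println("authenticatable: " + findAllAuthenticatablePrincipalNames(mapped));
    }
}
```

With the sample data, `bob` and `carol` are returned by the first method but not by the second, because the `staff` directory restricts authentication to `jira-users`.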

            [CWD-1348] Client applications should only see principals which have been authorised to access the application

            Monique Khairuliana (Inactive) made changes -
            Current Status Original: Atlassian Update - 08 November 2019

            This issue has been duplicated by the issue at CWD-5145 Only users who have access to applications connected to Crowd should be synchronized from Crowd to those applications (https://jira.atlassian.com/browse/CWD-5145). Please watch that issue for further updates.

            New: Atlassian Update - 08 November 2019

            This feature request is currently tracked at CWD-5145 Only users who have access to applications connected to Crowd should be synchronized from Crowd to those applications (https://jira.atlassian.com/browse/CWD-5145). Please watch that issue for further updates.

            Monique Khairuliana (Inactive) made changes -
            Current Status New: Atlassian Update - 08 November 2019

            This issue has been duplicated by the issue at CWD-5145 Only users who have access to applications connected to Crowd should be synchronized from Crowd to those applications (https://jira.atlassian.com/browse/CWD-5145). Please watch that issue for further updates.
            Monique Khairuliana (Inactive) made changes -
            Description Original: Atlassian Status as of 27 April 2011

            Hi folks,

            Thanks for your continued support and feedback, we wanted to give you an update on the status of this issue.

            Over the medium term, the direction we're taking with Crowd is to focus on scalability, reliability and performance. Unfortunately, it means that this feature is unlikely to be included in any near-term improvements to the product, as workflows and management don't align with our future direction.

            We are aware of the issue, and recognise that it is something that needs to be done, however, it's unrealistic that it will ship within the next 18 months.

            Regards,
            Eugene
            Atlassian Product Management

            Monique Khairuliana (Inactive) made changes -
            Resolution Original: Won't Fix [ 2 ] New: Duplicate [ 3 ]
            Status Original: Closed [ 6 ] New: Closed [ 6 ]

            Monique Khairuliana (Inactive) added a comment - edited

            Hi folks,

            Thanks for your continued support and feedback, we wanted to give you an update on the status of this issue.

            Back in April 2011, we closed this feature request as "Won't Fix" as it was not the direction that our product team was heading then.
            Recently, we reviewed this feature request and it seems like something our product team would like to explore.

            For the sake of preserving the ticket history, we will keep this feature request ticket closed and ask you to cast your votes in the newer ticket, so we can measure the impact and interest of this feature more accurately.
            Here's the newer ticket: CWD-5145 Only users who have access to applications connected to Crowd should be synchronized from Crowd to those applications

            Regards,
            Monique
            Atlassian Support Team

            Monique Khairuliana (Inactive) made changes -
            Link New: This issue duplicates CWD-5145 [ CWD-5145 ]
            Katherine Yabut made changes -
            Workflow Original: JAC Suggestion Workflow [ 3363195 ] New: JAC Suggestion Workflow 3 [ 3629100 ]
            Status Original: RESOLVED [ 5 ] New: Closed [ 6 ]

            Simon Dixey added a comment -

            This absolutely needs to be reviewed, I am shocked that this will not be fixed.  I echo all of the previous comments made on this subject!

            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 1392413 ] New: JAC Suggestion Workflow [ 3363195 ]
            Assignee Original: David O'Flynn [Atlassian] [ doflynn ]
            Issue Type Original: New Feature [ 2 ] New: Suggestion [ 10000 ]

            Oliver added a comment -

            As described in our support ticket (which was closed), the current implementation is an issue and we are not requesting an enhancement but a bugfix.

            Atlassian does not seem to be aware that we have a GDPR?

            https://gdpr-info.eu

             


              Assignee: Unassigned
              Reporter: pkamal Partha
              Votes: 36
              Watchers: 37