We have had multiple requersts and issues around the usage of the Crowd Client libraries in other OpenSource products and also in other commercial products.

Since the Crowd Client libraries are useless without a Crowd Server (something which a customer would pay for), there is really no issue in allowing the distribution of the client libraries in third party products. It is a selling point for that third party product and a revenue stream for Atlassian, if that third party customer:

1. Buys Crowd because they want SSO
2. They are already an Atlassian customer

I would suggest that not only should the Crowd REST client be made open source but also the Spring Security integration.