Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-3796

Group amalgamation behaviour is inconsistent in Crowd

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Medium
    • Resolution: Fixed
    • 2.7.1
    • 2.8
    • None
    • None

    Description

      Crowd should amalgamate all group memberships for the same username across multiple directories. This works when querying the members of a group, but not when querying the group memberships of a user.

      This works (pseudo-code):
      crowdGroup.getUsers();

      This does not:
      crowdUser.getGroups();

      Here's the offending REST endpoint:
      localhost:4990/crowd/rest/usermanagement/1/user/group/direct?username=user1&start-index=0&max-results=-1

      What this can mean in downstream applications is that all groups are amalgamated when a user logs in to Confluence, but when they log in to the admin console, they only get the memberships from the top directory in Crowd. This has caused problems for users where their confluence-administrators and jira-administrators groups are in the second place directory, and logging in to the admin console means they lose these groups and authentication fails.

      Attachments

        Issue Links

          Activity

            People

              dberrueta Diego Berrueta
              dunterwurzacher Denise Unterwurzacher [Atlassian]
              Votes:
              6 Vote for this issue
              Watchers:
              17 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: