FAQ

Looking for more information about single sign-on, authorisation, and authentication? Want to learn the basics about Crowd? We've answered your questions:

Concepts

Technical

Compatibility

What is single sign-on?

Single sign-on enables users to authenticate (login) once and gain access to multiple web applications. See also centralised authentication.

What is authorisation?

Authorisation is the act of deciding whether a person is allowed to access a specific resource or web application. This often comes in the form of groups, roles and permissions.

What is authentication?

Authentication is the act of verifying that a user is who they say they are. This is often done through a credential such as user name and password.

What is centralised authentication?

Centralised authentication is when an end-user has the same username and password used across all web applications, even if the application cannot participate in single sign-on. This is often a major milestone before single sign-on is achieved within an organisation.

Crowd provides centralisation authentication and/or single sign-on depending on your application's capabilities.

What is identity management?

Identity management is the process of defining a user (a 'principal') and managing their attributes. In addition to username and credentials (e.g. password), attributes might include phone number, address, etc.

Identity management also includes assigning users to relevant groups and roles, so that users can access appropriate applications and resources.

Another important part of identity management is managing the entire user lifecycle, for example, disabling the user account when someone leaves the organisation.

What is a directory?

A directory is a repository of information containing user identities, their attributes and their group and role memberships.

How does Crowd work? How is Crowd an "application security framework"?

Crowd is made up of two parts:

  • Administration console: a brilliantly simple and powerful web interface that manages directories, users and their security rights.
  • Integration API: a single security architecture where multiple web applications are integrated. With the integration API, applications can quickly access user information or perform security checks.

What is an application connector?

An application connector is the link between Crowd and one of your applications. An application connector makes it possible to connect, say, Crowd and JIRA. When you download and install Crowd, you'll automatically get its application connectors, along with an integration API so that you can code your own application connectors too.

What is a directory connector?

A directory connector is the link between Crowd and one of your directories. It makes it possible to connect, say, Crowd and Active Directory. When you download and install Crowd, you'll automatically get its directory connectors, along with an integration API so that you can code your own directory connectors too.

How many users can Crowd manage?

Crowd supports an unlimited number of users depending upon which license you purchase. View the licensing and pricing breakdown for more information.

How many applications can be used with Crowd?

So long as they're compatible with Crowd, you can add in as many applications as your organisation needs.

We already have an LDAP server for Confluence and/or JIRA. Do we really need Crowd?

If one or more of the following apply, Crowd will be of benefit to you:

  • your organisation uses multiple applications and they have not yet been integrated into the LDAP server
  • you are looking for an easy way to manage all your JIRA and Confluence users in one database with one or more directory servers
  • your organisation has not yet implemented single sign-on
  • you are looking for a way to help save you and your organisation time, frustration, and much more!

What are Crowd's system requirements?

Crowd runs everywhere Java can, and is compatible with most organisations' existing infrastructure. Requirements include:

  • J2EE 1.4 application server or a Servlet 2.4 web container.
  • JDBC compliant database that is supported by Hibernate.
  • Sun JDK 1.5 or higher.

For more information on compatible databases, application servers, and operating systems, read the Crowd documentation.

What directories and applications does Crowd support out-of-the-box?

A complete list of currently supported applications and directories can be found in Crowd's documentation. Check back often, as new connectors will be added regularly.

How can Crowd be connected to new or currently unsupported applications?

Crowd provides a simple and intuitive integration API (backended by SOAP) that allows you to connect in your new or existing applications. This makes it easy to choose how much or how little to integrate based on your needs.

How does Crowd integrate with other Atlassian products?

Crowd ships with connectors for Atlassian products.

Using the out-of-the-box connectors you can consolidate all of your users into a single repository giving you the ability to manage all of your users in a single location. Users can then take advantage of single sign-on, giving them one username and password to access all of your applications.

Does Crowd include kerberos integration?

Crowd does not currently support kerberos-based authentication.

Does Crowd support SAML or Liberty Alliance?

Crowd currently provides limited support for SAML v2 to provide SSO for Google Apps.

SAML is a standard that was developed by several large companies for federated identity management. Similarly, Liberty Alliance is a consortium formed to develop and define federated identity management standards and protocols. While we felt that earlier versions of the SAML standard were too complex to be truly useful, version 2 of the specification is significantly improved.

We'll look at improving our SAML support in future releases, but as yet are not committing to a timeframe.

For licensing and pricing — please see the Purchasing FAQ.