gitlab-org--gitlab-foss/doc/administration/auth/crowd.md
Achilleas Pipinellis ffdbf0a66f SSoT for administration/auth docs
- Make sure we have type defined in the frontmatter
- Add troubleshooting sections where absent
- Meaningful intros where absent
2019-07-16 03:31:08 +00:00

2.6 KiB

type
reference

Atlassian Crowd OmniAuth Provider

Authenticate to GitLab using the Atlassian Crowd OmniAuth provider.

Configure a new Crowd application

  1. Choose 'Applications' in the top menu, then 'Add application'.

  2. Go through the 'Add application' steps, entering the appropriate details. The screenshot below shows an example configuration.

    Example Crowd application configuration

Configure GitLab

  1. On your GitLab server, open the configuration file.

    Omnibus:

      sudo editor /etc/gitlab/gitlab.rb
    

    Source:

      cd /home/git/gitlab
    
      sudo -u git -H editor config/gitlab.yml
    
  2. See Initial OmniAuth Configuration for initial settings.

  3. Add the provider configuration:

    Omnibus:

      gitlab_rails['omniauth_providers'] = [
        {
          "name" => "crowd",
          "args" => {
            "crowd_server_url" => "CROWD_SERVER_URL",
            "application_name" => "YOUR_APP_NAME",
            "application_password" => "YOUR_APP_PASSWORD"
          }
        }
      ]
    

    Source:

       - { name: 'crowd',
           args: {
             crowd_server_url: 'CROWD_SERVER_URL',
             application_name: 'YOUR_APP_NAME',
             application_password: 'YOUR_APP_PASSWORD' } }
    
  4. Change CROWD_SERVER_URL to the URL of your Crowd server.

  5. Change YOUR_APP_NAME to the application name from Crowd applications page.

  6. Change YOUR_APP_PASSWORD to the application password you've set.

  7. Save the configuration file.

  8. Reconfigure or restart for the changes to take effect if you installed GitLab via Omnibus or from source respectively.

On the sign in page there should now be a Crowd tab in the sign in form.

Troubleshooting

If you see an error message like the one below when you sign in after Crowd authentication is configured, you may want to consult the Crowd administrator for the Crowd log file to know the exact cause:

could not authorize you from Crowd because invalid credentials

Please make sure the Crowd users who need to login to GitLab are authorized to the application in the step of Authorisation. This could be verified by try "Authentication test" for Crowd as of 2.11.

Example Crowd application authorisation configuration