Registry v4.0.0 introduces the Jira Provisioning Plugin, which provisions CO Person and CO Group records to Atlassian Jira.
Operations
Registry CO Person Transaction | Jira Action |
---|---|
Add | Synchronize the CO Person and their CO Group Memberships |
Edit | Synchronize the CO Person and their CO Group Memberships |
Enter Grace Period | No changes (unless attributes change as part of grace period) |
Expiration / Becomes Inactive | Set the Jira record to Inactive |
Unexpire / Becomes Active | Set the Jira record to Active |
Delete | Remove the Jira record (depending on configuration) |
Manual Provision | Synchronize the CO Person and their CO Group Memberships |
When provisioning a CO Person, the plugin will not create Jira groups that do not already exist.
Registry CO Group Transaction | Crowd Action |
---|---|
Add | Synchronize the CO Group and its Memberships |
Edit | Synchronize the CO Group and its Memberships Renaming a group is not fully supported If a CO Group is renamed, a new corresponding group will be created in Crowd. The old Crowd group will be left in place, including its memberships. As the CO People associated with the old group are reprovisioned, their memberships in the old Crowd group will be removed. |
Delete | Remove the Crowd group |
Manual Provision | Synchronize the CO Group and its Memberships |
When provisioning a CO Group, the plugin will not create a Crowd person that does not already exist.
Installation
This is a non-core plugin, see Installing and Enabling Registry Plugins for more information.
This plugin requires PHP 7 or later (for random_bytes).
Configuration
This is a non-core plugin, see Installing and Enabling Registry Plugins for more information.
- Crowd clients are Applications, not Users. That is, Registry will be configured to be an Application that has access to Crowd. Start by creating a new Application (and its Directory).
- Login to Crowd as an administrator.
- Create a new Directory that will be for the exclusive use of Registry. This is where CO People and CO Groups will be synchronized to.
- Crowd > Directories > Add directory
- Directory Type: Internal
- Under the Permissions tab, make sure all permissions are enabled
- Crowd > Directories > Add directory
- Create a new Application that corresponds to Registry.
- Crowd > Applications > Add application
- Application Type: Generic Application
- The password you set here will be used later in the Registry Provisioner Plugin configuration.
- When prompted, enter the top level Registry URL for the application URL, ie: https://registry.yourdomain.org/registry
- Enter your server's IP address for Remote IP address. Crowd restricts application client access to registered IP addresses.
- If using a reverse proxy, set the address to 127.0.0.1.
- Select the Directory you created in the previous step as the Directory to use with this Application.
- Crowd > Applications > Add application
- Define a new Server in Registry.
- Servers > Add a New Server
- Server Type: HTTP
- On the next page, configure the Server as follows
- Server URL: https://crowd.yourdomain.org/crowd/rest/ (Be sure to include
/crowd/rest/
in the URL) - Username and Password: Use the username and password you set in the Crowd Application configuration in the previous step
- Server URL: https://crowd.yourdomain.org/crowd/rest/ (Be sure to include
- Configure a new Provisioning Target in Registry.
- Configuration > Provisioning Targets > Add Provisioning Target
- Plugin: CrowdProvisioner
- On the next page, select the Server created in the previous step, as well as the identifier type that will be used as the person's Crowd username.
- Configuration > Provisioning Targets > Add Provisioning Target
- Manually reprovision any existing Registry CO Groups that you wish to create in Crowd. After installation, all new CO Groups will automatically be created in Crowd.
- Manually reprovision any existing Registry CO People that you wish to create in Crowd. After installation, all new CO People will automatically be created in Crowd.
Important Constraints
- Registry assumes it has full management of Crowd groups for groups that Registry knows about. If a group membership is directly added to Crowd, it will be removed on CO Group provisioning actions.
- As documented above, renaming a CO Group is not fully supported.