Jira与crowd通信设置(之前要做ldap)

这个文章早早就写完了,只是一直没时间发!上周末加班在公司设置jira工作流,把整个jira架构弄的差不多了。收获不小,也帮群里很多人解决了些问题!感觉还算爽吧。最近晚上回家在弄nginx,不知道还有没有其他的调优方法!自己还得多试试!~也在一个问问里被人追问Cacti的安装配置,等过段不加班了要抓紧给这位弄弄看!!!

Crowd创建目录(图片放在最下方,是按图1~图*来划分,每一步都有图片说明!)
登陆到Crowd,点击Directories — >>Add Directory (图1)
— >>点击Connector 图2
— >> Name要填写, Active一定要勾选(图3)
— >>(图4)

1. Connector:选择Openldap;

2. URL: ldap://kinggoo.com:389/ 或者填写openldap服务器的ldap://IP:398 ||如果都在本地ldap://localhost:398;

3. Password Encryption:MD5加密;

4. Base DN:填写slapd.conf中的suffix一项,即“dc=kinggoo,dc=com ”,不带双引号;

5. User DN: 填写slapd.conf中的rootdn一项,即“cn=root,dc=kinggoo,dc=com”,不带双引号;

6. Password: 填写slapd.conf中的rootpw一项,即openldap

7. 直接点击Continue,如果你点击Test connector会显示“The server address and port are valid. Please verify your DN settings through the Configuration panel by performing a group, role, or user search. ”,很郁闷不清楚哪个地方的问题!

— >>(图5)创建Jira用户组,点击Groups– >>Add Group。分别有jira-user,jira-administrator,jira-developers

(Name处填写组名称,Directory处要选择刚刚你建立好的 Active处要勾选);

— >> (图6)不做解释直接看图,几乎与创建用户组相同,只是第一步选择Users;

— >>(图7)将新添加用户KingGoo.Com添加到组;

— >>(图8)添加application– >>Add Application

1. Application Type选择Jira,Name填写名称,Password都记住(到时crowd.properties配置文件内需要)— >> Next>

2. URL填写jira的地址,或者ip地址,如http://192.168.71.129:8080,Remote IP Address处填写192.168.71.129,或者直接点击Remote IP Address— >> Next>

3. 选择你刚刚创建的Directories,如我刚刚建立的kinggoo.com — >>Next>

4. 勾选上Allow all users to authenticate— >>Next>

5. 点击Add Application(不点的话有些可能不会将应用添加上)

好了,这几部做完之后,就要开始修改Jira的设置和配置文件了(不需要看图的,直接向下翻页,或该页面搜索“不看图kinggoo.com”


12

图3中
Name要填写,与jira的配置文件中会遇到
Description可选添
Active一定要勾选
不看图kinggoo.com
345678

我暂时安装了jira及crowd,现在来做jira与crowd的集成!(openLdap安装配置我会在稍后写个文章)

前提:你必须将jira管理页面修改全局设置内的“操作方式”修改为“2”(2. 私有只有管理员才能创建用户)。开启“外部用户管理”,“外部密码管理”两项,不然做完下面操作后,无法使用crowd内创建的用户登陆Jira系统。如果你不小心,没有做上面的操作直接修改配置文件等,那么麻烦你将其还原,修改完上面这三项后,在做修改配置操作!

一、拷贝配置连接等文件

Copy From

Copy To

CROWD/client/crowd-integration-client-X.X.X.jar

$JIRA/atlassian-jira/WEB-INF/lib

CROWD/client/conf/crowd.properties

$JIRA/atlassian-jira /WEB-INF/classes

CROWD/client/conf/crowd-ehcache.xml

$JIRA/atlassian-jira /WEB-INF/classes/crowd-ehcache.xml

二、步骤:

1)拷贝crowd-integration-client-2.0.7.jar
[root@kinggoo client]#cd /root/guanli/crowd/client
备份原数据
crowd-integration-client-2.0.7.jar
[root@kinggoo client]# mv ~/guanli/jira/atlassian-jira/WEB-INF/lib/crowd-integration-client-2.0.7.jar
~/guanli/jira/atlassian-jira/WEB-INF/lib/crowd-integration-client-2.0.7.jar.BK
[root@kinggoo client]# cp crowd-integration-client-2.0.7.jar ~/guanli/jira/atlassian-jira/WEB-INF/lib/

2)拷贝crowd.properties
[root@kinggoo client]#cd /root/guanli/crowd/client/conf
备份原数据
[root@kinggoo conf]# mv ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties.BK
[root@kinggoo conf]# cp crowd.properties ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties

3)拷贝crowd-ehcache.xml
[root@kinggoo client]#cd /root/guanli/crowd/client/conf
备份原数据
[root@kinggoo conf]# mv ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd-ehcache.xml ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd-ehcache.xml.BK
[root@kinggoo conf]# cp crowd-ehcache.xml ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd-ehcache.xml

三、编辑配置文件:

1) 修改配置文件crowd.properties

[root@kinggoo conf]# vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties

application.name kinggoo-jira #在crowd中建立应用名称(小写)

application.password arij #在crowd中建立这个应用时的密码

application.login.url http://localhost:8095/crowd/console/

crowd.server.url http://localhost:8095/crowd/services/
session.isauthenticated session.isauthenticated
session.tokenkey session.tokenkey
session.validationinterval 0
session.lastvalidation session.lastvalidation

2) 修改配置文件osuser.xml

[root@kinggoo conf]# vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/osuser.xml

将粗体部分删除,红色为增加的内容,修改后保存即可!(不要直接复制!)

[root@kinggoo conf]# cat ~/guanli/jira/atlassian-jira/WEB-INF/classes/osuser.xml

<!– This is where JIRA’s credentials checking can be configured. For instance, see

http://www.atlassian.com/software/jira/docs/latest/ldap.html –>

<opensymphony-user>

<authenticator class="com.opensymphony.user.authenticator.SmartAuthenticator" />

<!– CROWD:START

You will need to uncomment the Crowd providers below to enable Crowd integration

and comment out the default providers that are located further down in this file.

–>

<!–
<provider class="com.atlassian.crowd.integration.osuser.CrowdCredentialsProvider"/>

<provider class="com.atlassian.crowd.integration.osuser.CrowdAccessProvider"/>

<provider class="com.atlassian.crowd.integration.osuser.DelegatingProfileProvider">

<property name="provider-1">com.atlassian.crowd.integration.osuser.CrowdProfileProvider</property>

<property name="provider-2">com.atlassian.jira.user.ExternalEntityJiraProfileProvider</property>

<property name="provider-2-exclusive-access">true</property>

</provider>
–>

<!– CROWD:END –>

<!– CROWD:START – The providers below here will need to be commented out for Crowd integration –>

<!–

<provider class="com.atlassian.jira.user.osuser.JiraOFBizCredentialsProvider">

<property name="exclusive-access">true</property>

</provider>

<provider class="com.atlassian.jira.user.osuser.JiraOFBizProfileProvider">

<property name="exclusive-access">true</property>

</provider>

<provider class="com.atlassian.jira.user.osuser.JiraOFBizAccessProvider">

<property name="exclusive-access">true</property>

</provider>

–>

<!– CROWD:END –>

</opensymphony-user>

3) 修改配置文件propertyset.xml

编辑改文件vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/propertyset.xml
查看是否有如下内容,如果有则不需要添加!4.2已自添加

<propertyset name="crowd" class="com.atlassian.crowd.integration.osuser.CrowdPropertySet"/>

4) 修改配置文件seraph-config.xml

[root@kinggoo conf]# vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/seraph-config.xml

<!– CROWD:START – If enabling Crowd SSO integration uncomment the following JIRAAuthenticator and comment out the DefaultAuthen

ticator below –>

去掉此处注释

<authenticator class="com.atlassian.crowd.integration.seraph.v22.JIRAAuthenticator"/>

<!– CROWD:END –>

<——————-下面是添加注释的 ————–>

<!– CROWD:START – The authenticator below here will need to be commented out for Crowd SSO integration –>

<!—在此处添加此处注释

<authenticator class="com.atlassian.jira.security.login.JiraOsUserAuthenticator"/>

–>

<!– CROWD:END –>

参考资料:

如果在做完上述操作后,报如下错误!

2011-11-05 16:29:01,094 main ERROR [org.hibernate.util.JDBCExceptionReporter] Cannot create PoolableConnectionFactory (The database

is already in use by another process: org.hsqldb.persist.NIOLockFile@d5385ade[file =/root/guanli/atlassian-crowd-2.0.7/database/crow

dopenidserverdb.lck, exists=true, locked=false, valid=false, fl =null]: java.lang.Exception: checkHeartbeat(): lock file [/root/guan

li/atlassian-crowd-2.0.7/database/crowdopenidserverdb.lck] is presumably locked by another process.)

2011-11-05 16:29:01,096 main ERROR [hibernate.tool.hbm2ddl.SchemaUpdate] could not get database metadata

org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (The database is already in use by another p

rocess: org.hsqldb.persist.NIOLockFile@d5385ade[file =/root/guanli/atlassian-crowd-2.0.7/database/crowdopenidserverdb.lck, exists=tr

ue, locked=false, valid=false, fl =null]: java.lang.Exception: checkHeartbeat(): lock file [/root/guanli/atlassian-crowd-2.0.7/datab

ase/crowdopenidserverdb.lck] is presumably locked by another process.)

解决办法:

ps -fe |grep crowd
结束当前crowd进程,然后重启即可解决此问题

如有问题请留言!

- THE END -
版权声明:
转载原创文章请注明,文章出处:http://kinggoo.com
原文地址:http://kinggoo.com/app-jira-crowd-confluence-ldap.htm
发表评论?

2 条评论。

  1. JIRA5.0.2与Crowd2.4.2应用集成 - KingGoo博客 - pingback on 2012 年 05 月 31 日 在 17:38
  2. Confluence与Crowd通信设置 - KingGoo - pingback on 2011 年 04 月 16 日 在 09:57

发表评论


Trackbacks and Pingbacks: