这个文章早早就写完了,只是一直没时间发!上周末加班在公司设置jira工作流,把整个jira架构弄的差不多了。收获不小,也帮群里很多人解决了些问题!感觉还算爽吧。最近晚上回家在弄nginx,不知道还有没有其他的调优方法!自己还得多试试!~也在一个问问里被人追问Cacti的安装配置,等过段不加班了要抓紧给这位弄弄看!!!
Crowd创建目录(图片放在最下方,是按图1~图*来划分,每一步都有图片说明!)
登陆到Crowd,点击Directories — >>Add Directory (图1)
— >>点击Connector 图2
— >> Name要填写, Active一定要勾选(图3)
— >>(图4)
1. Connector:选择Openldap;
2. URL: ldap://kinggoo.com:389/ 或者填写openldap服务器的ldap://IP:398 ||如果都在本地ldap://localhost:398;
3. Password Encryption:MD5加密;
4. Base DN:填写slapd.conf中的suffix一项,即“dc=kinggoo,dc=com ”,不带双引号;
5. User DN: 填写slapd.conf中的rootdn一项,即“cn=root,dc=kinggoo,dc=com”,不带双引号;
6. Password: 填写slapd.conf中的rootpw一项,即openldap
7. 直接点击Continue,如果你点击Test connector会显示“The server address and port are valid. Please verify your DN settings through the Configuration panel by performing a group, role, or user search. ”,很郁闷不清楚哪个地方的问题!
— >>(图5)创建Jira用户组,点击Groups– >>Add Group。分别有jira-user,jira-administrator,jira-developers
(Name处填写组名称,Directory处要选择刚刚你建立好的 Active处要勾选);
— >> (图6)不做解释直接看图,几乎与创建用户组相同,只是第一步选择Users;
— >>(图7)将新添加用户KingGoo.Com添加到组;
— >>(图8)添加application– >>Add Application
1. Application Type选择Jira,Name填写名称,Password都记住(到时crowd.properties配置文件内需要)— >> Next>
2. URL填写jira的地址,或者ip地址,如http://192.168.71.129:8080,Remote IP Address处填写192.168.71.129,或者直接点击Remote IP Address— >> Next>
3. 选择你刚刚创建的Directories,如我刚刚建立的kinggoo.com — >>Next>
4. 勾选上Allow all users to authenticate— >>Next>
5. 点击Add Application(不点的话有些可能不会将应用添加上)
好了,这几部做完之后,就要开始修改Jira的设置和配置文件了(不需要看图的,直接向下翻页,或该页面搜索“不看图kinggoo.com”
) 
图3中
Name要填写,与jira的配置文件中会遇到
Description可选添
Active一定要勾选
不看图kinggoo.com 
我暂时安装了jira及crowd,现在来做jira与crowd的集成!(openLdap安装配置我会在稍后写个文章)
前提:你必须将jira管理页面修改全局设置内的“操作方式”修改为“2”(2. 私有 – 只有管理员才能创建用户)。开启“外部用户管理”,“外部密码管理”两项,不然做完下面操作后,无法使用crowd内创建的用户登陆Jira系统。如果你不小心,没有做上面的操作直接修改配置文件等,那么麻烦你将其还原,修改完上面这三项后,在做修改配置操作!
一、拷贝配置连接等文件
|
Copy From |
Copy To |
|
CROWD/client/crowd-integration-client-X.X.X.jar |
$JIRA/atlassian-jira/WEB-INF/lib |
|
CROWD/client/conf/crowd.properties |
$JIRA/atlassian-jira /WEB-INF/classes |
|
CROWD/client/conf/crowd-ehcache.xml |
$JIRA/atlassian-jira /WEB-INF/classes/crowd-ehcache.xml |
二、步骤:
1)拷贝crowd-integration-client-2.0.7.jar
[root@kinggoo client]#cd /root/guanli/crowd/client
备份原数据
crowd-integration-client-2.0.7.jar
[root@kinggoo client]# mv ~/guanli/jira/atlassian-jira/WEB-INF/lib/crowd-integration-client-2.0.7.jar
~/guanli/jira/atlassian-jira/WEB-INF/lib/crowd-integration-client-2.0.7.jar.BK
[root@kinggoo client]# cp crowd-integration-client-2.0.7.jar ~/guanli/jira/atlassian-jira/WEB-INF/lib/
2)拷贝crowd.properties
[root@kinggoo client]#cd /root/guanli/crowd/client/conf
备份原数据
[root@kinggoo conf]# mv ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties.BK
[root@kinggoo conf]# cp crowd.properties ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties
3)拷贝crowd-ehcache.xml
[root@kinggoo client]#cd /root/guanli/crowd/client/conf
备份原数据
[root@kinggoo conf]# mv ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd-ehcache.xml ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd-ehcache.xml.BK
[root@kinggoo conf]# cp crowd-ehcache.xml ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd-ehcache.xml
三、编辑配置文件:
1) 修改配置文件crowd.properties
[root@kinggoo conf]# vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/crowd.properties
application.name kinggoo-jira #在crowd中建立应用名称(小写)
application.password arij #在crowd中建立这个应用时的密码
application.login.url http://localhost:8095/crowd/console/
crowd.server.url http://localhost:8095/crowd/services/
session.isauthenticated session.isauthenticated
session.tokenkey session.tokenkey
session.validationinterval 0
session.lastvalidation session.lastvalidation
2) 修改配置文件osuser.xml
[root@kinggoo conf]# vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/osuser.xml
将粗体部分删除,红色为增加的内容,修改后保存即可!(不要直接复制!)
[root@kinggoo conf]# cat ~/guanli/jira/atlassian-jira/WEB-INF/classes/osuser.xml
<!– This is where JIRA’s credentials checking can be configured. For instance, see
http://www.atlassian.com/software/jira/docs/latest/ldap.html –>
<opensymphony-user>
<authenticator class="com.opensymphony.user.authenticator.SmartAuthenticator" />
<!– CROWD:START
You will need to uncomment the Crowd providers below to enable Crowd integration
and comment out the default providers that are located further down in this file.
–>
<!–
<provider class="com.atlassian.crowd.integration.osuser.CrowdCredentialsProvider"/>
<provider class="com.atlassian.crowd.integration.osuser.CrowdAccessProvider"/>
<provider class="com.atlassian.crowd.integration.osuser.DelegatingProfileProvider">
<property name="provider-1">com.atlassian.crowd.integration.osuser.CrowdProfileProvider</property>
<property name="provider-2">com.atlassian.jira.user.ExternalEntityJiraProfileProvider</property>
<property name="provider-2-exclusive-access">true</property>
</provider>
–>
<!– CROWD:END –>
<!– CROWD:START – The providers below here will need to be commented out for Crowd integration –>
<!–
<provider class="com.atlassian.jira.user.osuser.JiraOFBizCredentialsProvider">
<property name="exclusive-access">true</property>
</provider>
<provider class="com.atlassian.jira.user.osuser.JiraOFBizProfileProvider">
<property name="exclusive-access">true</property>
</provider>
<provider class="com.atlassian.jira.user.osuser.JiraOFBizAccessProvider">
<property name="exclusive-access">true</property>
</provider>
–>
<!– CROWD:END –>
</opensymphony-user>
3) 修改配置文件propertyset.xml
编辑改文件vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/propertyset.xml
查看是否有如下内容,如果有则不需要添加!4.2已自添加
<propertyset name="crowd" class="com.atlassian.crowd.integration.osuser.CrowdPropertySet"/>
4) 修改配置文件seraph-config.xml
[root@kinggoo conf]# vim ~/guanli/jira/atlassian-jira/WEB-INF/classes/seraph-config.xml
<!– CROWD:START – If enabling Crowd SSO integration uncomment the following JIRAAuthenticator and comment out the DefaultAuthen
ticator below –>
去掉此处注释
<authenticator class="com.atlassian.crowd.integration.seraph.v22.JIRAAuthenticator"/>
<!– CROWD:END –>
<——————-下面是添加注释的 ————–>
<!– CROWD:START – The authenticator below here will need to be commented out for Crowd SSO integration –>
<!—在此处添加此处注释
<authenticator class="com.atlassian.jira.security.login.JiraOsUserAuthenticator"/>
–>
<!– CROWD:END –>
参考资料:
如果在做完上述操作后,报如下错误!
2011-11-05 16:29:01,094 main ERROR [org.hibernate.util.JDBCExceptionReporter] Cannot create PoolableConnectionFactory (The database
is already in use by another process: org.hsqldb.persist.NIOLockFile@d5385ade[file =/root/guanli/atlassian-crowd-2.0.7/database/crow
dopenidserverdb.lck, exists=true, locked=false, valid=false, fl =null]: java.lang.Exception: checkHeartbeat(): lock file [/root/guan
li/atlassian-crowd-2.0.7/database/crowdopenidserverdb.lck] is presumably locked by another process.)
2011-11-05 16:29:01,096 main ERROR [hibernate.tool.hbm2ddl.SchemaUpdate] could not get database metadata
org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (The database is already in use by another p
rocess: org.hsqldb.persist.NIOLockFile@d5385ade[file =/root/guanli/atlassian-crowd-2.0.7/database/crowdopenidserverdb.lck, exists=tr
ue, locked=false, valid=false, fl =null]: java.lang.Exception: checkHeartbeat(): lock file [/root/guanli/atlassian-crowd-2.0.7/datab
ase/crowdopenidserverdb.lck] is presumably locked by another process.)
解决办法:
ps -fe |grep crowd
结束当前crowd进程,然后重启即可解决此问题
如有问题请留言!
玩趣儿
2 条评论。