If you are interested in purchasing Support or Binary versions of Plugin for a Specific Version of TeamCity and Crowd, please get in touch via email teamcity.crowd.plugin@gmail.com
TeamCity Crowd integration plugin is used by TeamCity for user authentication.
Plugin listed on Jetbrains page.
The plugin replaces standard TeamCity Authentication mechanism by connecting to Atlassian Crowd. When user logs in with username and password, plugin validates credentials with Crowd. If the user "checks out" fine, the plugin creates user in TeamCity if the user doesn't exists.
Once the user is created Plugin will update user's group membership. There are two modes in which Plugin can work (configured via plugin configuration file):
Plugin uses different REALM to TeamCity. Once plugin activated the entire user base and groups prior to installation will NOT be accessible.
To build the plugin you need Java installed on your machine and access to the Internet. Plugin uses Maven 3 to build the project.
$ mvn clean package
The build will run tests and prepare zip file in the target/ project folder.
You can modify a specific versions of TeamCity and Crowd you are building for, in the pom.xml file (see teamcity-version and crowd.client.version).
First time the plugin is build it will download a distribution of TeamCity, it might take a while (~500MB).
The plugin was extensively tested with Teamcity 2018.1
and Atlassian Crowd 3.2.1
.
To install TeamCity Crowd plugin you need to copy the plugin distribution file (build/dist/teamcity-crowd-plugin.zip) into TeamCityDataDir/plugins folder. TeamCityDataDir is the server data folder. By default it is in the User Home/.Buildserver. More info at JetBrains TeamCity WIKI.
You can also copy presets file crowd.xml from this repository and place it in the __TeamCityDataDir/config/_auth__ folder. It is Authentication preset file that will make Crowd Authentication selectable from the Administrator view in TeamCity.
If you don't copy the file you need to manually modify auth-config.xml in TeamCityDataDir/config folder. Sample configuration auth-config.xml can be found in this repository.
For the plugin to work you need to create or copy Plugin Configuration file called teamcity-crowd-plugin.properties and place it in the TeamCityDataDir/config. It has to be the exact name. Sample configuration file can be found in this repository.
Plugin uses different REALM to TeamCity. The entire user base created prior to plugin activation will not be visible/usable. One plugin activated you can log into TeamCity with your Crowd credentials. To see the administration panel you will have to log in as SUPER USER into TeamCity with TOKEN from the teamcity-server.log file and make your user administrator (via checkbox on user page).
Remember to restart TeamCity for plugin to work.
If you have the presets file copied to TeamCity configuration folder, you can select the Authentication mechanism in the Administration -> Authentication panel of TeamCity. You can manually enable the plugin by modifying auth-config.xml file.
You also need to configure Crowd Server details in the teamcity-crowd-plugin.properties file. Example configuration:
application.name=teamcity
application.password=password
application.login.url=http://localhost:8111/login.html
crowd.base.url=http://localhost:8095/crowd
session.isauthenticated=session.isauthenticated
session.tokenkey=whateva
session.validationinterval=0
session.lastvalidation=session.lastvalidation
!Note! Make sure to add Application to the Crowd server with appropriate name and password.
There is one additional property that you can setup in the teamcity-crowd-plugin.properties file.
tc.crowd.plugin.createGroups=true # default false
If you set this up the Plugin will create Groups in TeamCity when user logs in and Group is not there. It is switched off by default. Creation of a group requires the creation of a Group Key in TeamCity is limited to 16 characters. If multiple groups are created with the same 16 character prefix then and id is generated by appending an incrementing 3 digit number to the end of the first 13 chars of the group name. Creating Groups manually gives more control over Project Permissions, etc.