Over at our new ATG Developer Community site, we’re using Atlassian Crowd to manage our user accounts, groups, and single sign-on (SSO) between Jira, Confluence, to manage Subversion authentication, and to handle the forums (JForum) user accounts.

There was an example on how to integrate JForum and Crowd, which works pretty well. When you login to the forum, it checks Crowd and creates a local account if needed and logs you in.

However, we want single sign-on (SSO) so that our users don’t need to login to the forums separately. We also want group membership in Crowd to be reflected in JForum to allow us to manage permissions based on Crowd managed groups.

I’ve written a JForum SSO implementation that ties into Crowd that I’m going to share here. It’s version 1.1 (just added group sync), but it seems to work nicely.

Download the zip file here:
jforum-crowd-sso

unzip it into your jforum/WEB-INF/classes/ directory.

You have to install the crowd client jar, and the crowd.properties file.

You may also need to install the xfire jars if you get errors. I did.

Then you need to setup the sso configuration in the jforum/WEB-INF/config/SystemGlobals.properties

like this:

authentication.type=sso
sso.implementation = com.digitalsanctuary.jforum.CrowdSSO
sso.redirect = your crowd managed app login page
sso.crowd.syncGroups=false

That last flag should be set to true if you would like the user’s groups synced from Crowd to JForum at auth time. This takes a second, so I made it optional. It does not push JForum group membership info to Crowd, it just syncs Crowd data down, as Crowd should be your master directory for that type of data.

The source code is available here for now:

CrowdSSO.java

-EDIT-

Added a full downloadable module and installation instructions here:

http://confluence.atlassian.com/display/CROWDEXT/JForum+Single+Sign-On+Crowd+Connector