Configuring GitLab omniauth to use Atlassian Crowd for authentication

Question

(Reposted here due to no response on Google group)

Probably missing something obvious but I cannot get GitLab CE 8.0.5 to use Crowd server 2.8.3 as an omniauth provider. GitLab doc and Google searches are not helping.

Can anyone either provide me with troubleshooting steps, their config (obfuscating passwords etc) or check my config below.

GitLab config:

gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = true
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
# gitlab_rails['omniauth_auto_link_ldap_user'] = false
 gitlab_rails['omniauth_providers'] = [
   {
     "name" => "crowd",
      "args" => {
        "crowd_server_url" => "http://localhost:8095/crowd",
        "application_name" => "crowd_gitlab",
        "application_password" => "Password"
      }
   }
 ]

The Crowd application I have setup looks like:

Name: crowd_gitlab
Application type: Generic Application
Active: x
          Password: Password

The crowd tab appears on the GitLab login page but the error I get is:

500
We're sorry, but something went wrong.

Note that the URL displayed during this error is http://localhost/users/auth/crowd/callback

Tried increaing generic tracing levels and looking through the logs on both Crowd and GitLab but cannot see anything obvious.

score 0 · Answer 1 · answered Feb 13 '16 at 07:42

We're using Gitlab CE 7.7.2 and Crowd 2.8.2 successfully. I'm not sure if this changes with 8.0.5.

Our config is below

  ## OmniAuth settings
  omniauth:
    enabled: true
    allow_single_sign_on: true
    block_auto_created_users: true

    providers:
       - { name: 'crowd'
        , strategy_class: 'OmniAuth::Strategies::Crowd'
           , args: {
              crowd_server_url: "http://crowd-server:8095/crowd",
              application_name: "gitlab",
              application_password: "PASSWORD"
           }
      }

We also force the Crowd login page as the default page for Gitlab, which was less confusing for people rather than displaying the default page and forcing them to click on the Crowd button.

score -1 · Answer 2 · answered Jan 08 '16 at 11:51

-1

Just looked at the features matrix and noticed that Crowd is only supported on EE. Doh!

answered Jan 08 '16 at 11:51

Takashi

19
3

just wrong. there exists documentation on how to make use of crowd in gitlab-ce. – ferdy Jan 24 '17 at 19:34
https://docs.gitlab.com/ce/administration/auth/crowd.html It may have been restricted at some point, but it is available to all self-managed instances, see https://about.gitlab.com/features/#manage > "Atlassian Crowd" – Katrin Leinweber Apr 16 '21 at 08:25

Configuring GitLab omniauth to use Atlassian Crowd for authentication

2 Answers2