Nexus Professional's Support for Atlassian Crowd


November 17, 2009 By Tim O'Brien

Atlassian’s Crowd is a single sign-on and identity management product that many organizations use to consolidate user accounts and control which users and groups have access to which applications. Nexus Professional contains an optional security plugin that allows you to configure Nexus to authenticate against an Atlassian Crowd instance. This blog post dives into the details of Nexus Pro’s Crowd support, and provides some first steps to configuring your Nexus Pro instance to authenticate against your Crowd server.

Installing the Nexus Atlassian Crowd Plugin

When you downloaded Nexus Professional, you also download a few optional plugins including the Nexus Crowd plugin. This plugin is located in the ${NEXUS_HOME}/runtime/apps/nexus/optional-plugins directory under security-crowd-realm-1.4.0. To install this plugin in Nexus:

* Copy the security-crowd-realm-1.4.0/ directory from ${NEXUS_HOME}/runtime/apps/nexus/optional-plugins to ${NEXUS_HOME}/runtime/apps/nexus/plugin-repository.
* Once the optional User Account plugin has been copied to the plugin-repository/ directory, restart Nexus and the User Account plugin will be installed.

Configuring the Crowd Plugin

Once the Atlassian Crowd plugin is installed, restart Nexus and login as a user with Administrative privileges. To configure the Crowd plugin, click on the Crown Configuration in the Securty section of the Nexus menu as shown in the following figure.

Clicking on the Crowd Configuration link will load the form shown in the next figure. This configuration panel contains all of the options that needs to be configured to connect your Nexus instance to Crowd for authorization and authentication.

Adding the Crowd Authentication Realm

Once you have configured Nexus to connect to Crowd, you must select the Crowd authorization realm from the list of available realms in your Nexus Server settings. This next figure shows the Security settings section in the Nexus Server configuration. To load the Nexus server configuration panel, click on Server under Administration in the Nexus menu. Drag Crowd from the list of available realms to the list of selected realms and then save the Nexus server configuration.

Configuring a Nexus Application in Crowd

To connect Nexus to Atlassian’s Crowd, you will need to configure Nexus as an application in Crowd. To do this, login to Crowd as a user with Administrative rights, and click on the Applications tab. Once you click on this tab, you should see two options under the Applications tab: Search Applications and Add Application. Click on Add Application to display the form shown in the following figure and create a new application with the following values in the Details tab of the Add Application form:

* Application Type: Generic Application
* Name: nexus
* Description: Sonatype Nexus Professional

In this next tab you will need to configure the application connection for Nexu. You need to configure the URL of the application and the remote IP address. The next figure shows the Connection form configured for a local instance of Nexus. If you would configuring Crowd and Nexus in a production environment, you would supply the URL that users would use to load Nexus in a web browser and you would supply an IP address which was not the loopback, 127.0.0.1 address. Once you have completed the Connection form, click on Next to advance to the Directories form.

Custom Role and User Mapping

That is all there is to configuring Nexus Professional to integrate with an Atlassian Crowd instance. After you’ve connected Nexus to Crowd you can map Crowd roles to Nexus roles, and you can customize Nexus roles granted to Crowd users. For more information about the integration between Atlassian Crowd and Sonatype’s Nexus Professional, see the Crowd chapter of the Nexus book.