I have been evaluating Atlassian Crowd for my organization and we use gerrit as one of our main services along with jira, confluence, jenkins. I am trying to find out if we can use crowd as authentication support for gerrit instead of LDAP.
You might want to check out the thread Atlassian Crowd auth support for gerrit - it originated in 2011, but apparently Eric Anderson's auth type hasn't quite madeit into Gerrit yet, see lucamilanesio's response from 2014-02-26:
the auth backend patch is still under review :-( ... I agree we should should push for merging it
However, Andrew Diller's later response from 2013-07-18 suggests an alternate approach:
The current version of Crowd comes with an OpenID provider. We are using that to allow Gerrit to auth to 2 LDAP backends- one direct to LDAP server, the other to a MicrosoftActiveDirectory via Crowd. It works great.
So it looks like this:
gerrit --> OpenID -> Crowd -> LDAP -> ActiveDirectory
[gerrit] --> OpenID -> Crowd -> LDAP -> OpenLDAPagain, this works today very nicely.
Beware that this only seems to apply to authentication at this point:
It is just for auth, since the LDAP servers to us are ReadOnly, we cannot control the groups. But I have not investigated this deeply.
In our case this is just what we want- usually our LDAP servers are a mess, it's easier for us to control groups on gerrit itself.
Disclaimer: I haven't used that myself.