Hi fellow XWikiers,
We teased you with a few exclusive t-shirt pictures 2 weeks ago... The time
has now come to offer our community the opportunity to enjoy them too !
We have setup a cafepress account for XWiki, available at
http://www.cafepress.com/xwiki . You'll be able to find there t-shirts,
mugs, caps and many more goodies to play with !
We have put a small profit margin on most products. The money received
through the sale of those goodies will go straight back into the XWiki
Open-Source Community development effort, under a format yet to define (but
the idea will be to reward the most active XWiki committers & contributors
from outside of XWiki SAS - the company).
One address : http://www.cafepress.com/xwiki - enjoy !
I've also added the XWiki logos & other fun images on this page for the
community to enjoy : http://www.xwiki.org/xwiki/bin/view/Main/Goodies
We hope to see you all wearing XWiki apparel soon ;-)
On behalf of the XWiki Development Team,
Guillaume
PS : Ricardo, we'd be glad to see the XWiki logo on your sports teams shirts
:-) You'll find all the images you'll need on the Goodies page mentioned
above. Don't forget to send us the pictures when you wear them - and win !
:-)
Hi all,
After reviewing the code and doing some debug I found that
Context/XWikiContext.isVirtual and XWiki.isVirtual are two things
different :
* context : "is not in the main wiki"
* xwiki : "platform is in virtual mode"
This is very disturbing and i'm pretty sure context.isVirtual is used
in the wrong way at some places...
Plus, context does not need to store a "virtual" variable (like it
does actually), it just need to compare getMainXWiki and getDatabase.
I propose to rename XWiki method to "isVirtualMode" and refactor
XWikiContext/Context isVirtual/setVirtual to "isMainWiki" and of
course deprecate old methods.
WDYT ?
PS : I already asked that in
http://jira.xwiki.org/jira/browse/XWIKI-1874 but I think it deserve a
mailing list thread
--
Thomas Mortagne
The XWiki development team is pleased to announce the release of XWiki
Workspaces Milestone 1,
Go grab it at http://www.xwiki.org/xwiki/bin/view/Main/Download
XWiki Workspaces is a new product focusing on easy collaboration through
workspaces and their applications : Wiki, Blog, Photo Galleries and Files
sharing. This first milestone implements the initial feature set of
Workspaces, you can find more about it on http://workspaces.xwiki.org
For more information about this release, including links to installation
instructions and to Workspaces JIRA project, read the releases notes at
http://www.xwiki.org/xwiki/bin/view/Main/ReleaseNotesWorkspaces10M1
Thanks,
-The XWiki dev team
what about a more generic version of the prior question:
Assuming one already has an apache (httpd) based site using "HTTP Basic
Authorization"
feature in apache, what is the technique for allowing already authenticated
users to use that same authentication in Xwiki? This assumes some means of
mapping the basic auth name to the xwiki user name, which is trivial.
In other words you could use something like
mod_auth_mysql<http://www.howtoforge.com/mod_auth_mysql_apache2_debian>to
alllow password-based access to restricted portions of a website (or
entire thing if .htaccess at toplevel) via apache. More security or extranet
access can be granted via mod_ssl combined with client certificates & "fake
basic authentication"<http://www.modssl.org/docs/2.8/ssl_reference.html#SSLOptions>
:
- FakeBasicAuth
When this option is enabled, the Subject Distinguished Name (DN) of
the Client X509 Certificate is translated into a HTTP Basic Authorization
username. This means that the standard Apache authentication methods can be
used for access control. The user name is just the Subject of the Client's
X509 Certificate (can be determined by running OpenSSL's openssl
x509command: openssl
x509 -noout -subject -in *certificate*.crt). Note that no password is
obtained from the user. Every entry in the user file needs this password: ``
xxj31ZMTZzkVA'', which is the DES-encrypted version of the word `
password''. Those who live under MD5-based encryption (for instance
under FreeBSD or BSD/OS, etc.) should use the following MD5 hash of the same
word: ``$1$OXLyS...$Owx8s2/m9/gfkcRVXzgoE/''.
in other words you have an external table mapping the client-certificate's
DN, which can be an elaborate string like
"/O=ufl.edu/OU=Employees/C=US/O=University of Florida/CN=ANDREW MEYER/Email=
dontasemebro(a)ufl.edu|"
and this would provide authentication for user 'Xwiki.AndrewMeyer' and grant
that user access based on the associated xwiki account.
With the advent of https://www.myopenid.com the latter client-certificate,
SSL-based authentication ought to be considered as a nice "universal login
identity".... IMHO it provides a consistent way of handling identity across
a wide variety of sites.
In the past i've setup http://ipssources.com which uses 2-factor auth via HP
"Digital Badge" -- similar can be achieved, much more easily, and cheaply,
via MyOpenID. Their system is indeed like HP's "digital badge" except that
it's free and works across multiple websites.
MyOpenID has potential of being a useful service if it catches on.... When i
used it, it smoothly sent me a client-cert
and appears to provide a decent API for management:
You have the following certificates:
Label Serial Number Created Revoked
gnuvelle BF1E 2008-02-11 16:32:29.195635 Revoke this
Certificate
Thus making the potentially-difficult task of issuing and installing client
certificates in the user's browser a no-brainer (at least in firefox). If
they've correctly handled the MS/vs-the-world issues so that IE and Netscape
and mac users can
access the web as ubiquitously as advertised, they've won most of the
"client auth" battle IMHO....
-- Niels
http://nielsmayer.com
On Sat, Mar 15, 2008 at 8:47 PM, Glenn Everitt <Glenn.Everitt(a)compuware.com>
wrote:
>
> Thanks for the advice on changing the global.vm, sadly the authentication
> is
> proprietary and wouldn't help anyone else. Thanks again. - Glenn Everitt
>
>
> Ludovic Dubost-2 wrote:
> >
> >
> > Hi,
> >
> > There is no change the XWiki logout page is going to have any effect
> > when you are using Apache level auth.
> > Best is just to change the global.vm and link to your logout page with
> > the xredirect param and have your logout page redirect to that url in
> > the xredirect param.
> >
> > What type of authentication are you using in your server ? If it's a
> > non-proprietary one, it might be nice to document your config on
> > xwiki.org.
> >
> > Ludovic
> >
> > Glenn Everitt wrote:
> >> I am using Apache level authentication and the
> >> AppServerTrustedAuthServiceImpl using getRemoteUser to get into XWiki
> and
> >> I
> >> have this working. I need to call something like a logout.jsp to
> >> invalidate
> >> the session and cleanup. I thought I should use the
> >> xwiki.authentication.logoutpage=/[^/]+/logout/*
> >> in xwiki.cfg. I can't tell what this is doing and whether it is
> related
> >> to
> >> ...
> >>
> >> The velocity template global.vm seems to generate the logout link on
> the
> >> main menu.
> >> #set($logouturl = $xwiki.getURL("XWiki.XWikiLogout","logout",
> >> "xredirect=$util.encodeURI($logredir)"))
> >> $!logouturl $!msg.get("logout") #sep()
> >>
> >> Any clues on how to handle logout would be greatly appreciated.
> >>
> >> Thanks
> >> Glenn Everitt
> >>
> >>
> >
> >
> > --
> > Ludovic Dubost
> > Blog: http://blog.ludovic.org/
> > XWiki: http://www.xwiki.com
> > Skype: ldubost GTalk: ldubost
> >
> > _______________________________________________
> > devs mailing list
> > devs(a)xwiki.org
> > http://lists.xwiki.org/mailman/listinfo/devs
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/logout-tp16040945p16075537.html
> Sent from the XWiki- Dev mailing list archive at Nabble.com.
>
> _______________________________________________
> devs mailing list
> devs(a)xwiki.org
> http://lists.xwiki.org/mailman/listinfo/devs
>
I am using Apache level authentication and the
AppServerTrustedAuthServiceImpl using getRemoteUser to get into XWiki and I
have this working. I need to call something like a logout.jsp to invalidate
the session and cleanup. I thought I should use the
xwiki.authentication.logoutpage=/[^/]+/logout/*
in xwiki.cfg. I can't tell what this is doing and whether it is related to
...
The velocity template global.vm seems to generate the logout link on the
main menu.
#set($logouturl = $xwiki.getURL("XWiki.XWikiLogout","logout",
"xredirect=$util.encodeURI($logredir)"))
$!logouturl $!msg.get("logout") #sep()
Any clues on how to handle logout would be greatly appreciated.
Thanks
Glenn Everitt
--
View this message in context: http://www.nabble.com/logout-tp16040945p16040945.html
Sent from the XWiki- Dev mailing list archive at Nabble.com.
hello,
I think I have completed my MetadataLuceneTutorial by now.
Could you please tell me :
- if it is relevant to the xwiki community ? otherwise I can remove it
- if it is not clear enough to meet the docs standards. For example : too
many subjects at the same time ? do the code sources need to be rewritten so
as to show more clearly where is the customization ?
- if it could be submitted, and to whom. To the devs list ? to the XWiki
team only ?
If you have more or less already approved it, do you even plan to leave it
as a tutorial, or do you want to see it as a description of a possible
improvement to the core ? I think no one would have time to tutor me right
now, otherwise I would be ready to contribute. If no one has time then it is
better in my opinion to leave it as a tutorial, which will show people how
things work. Just tell me if this is the case - its okay, there are so many
more important things to do for the team.
Thanks a lot !
--
Jean-Vivien MAURICE
Ingénieur Informatique et Gestion, Polytech'Montpellier (ISIM)
E-mail : jean.vivien.maurice(a)gmail.com
Tél. : +33 6 76 70 88 02
(or else : +33 6 79 46 45 24)
Skype : jean.vivien
Hello,
We have been having some issues with the LDAP authentication to our XWiki
instance.
Here is the portion from xwiki.cfg:
xwiki.authentication.ldap=1xwiki.authentication.ldap.authclass=com.xpn.xwiki.ldap.authentication.XWikiLDAPAuthServiceImplxwiki.authentication.ldap.server=domain.company.comxwiki.authentication.ldap.check_level=1xwiki.authentication.ldap.port=389xwiki.authentication.ldap.base_DN=dc=domain,dc=company,dc=comxwiki.authentication.ldap.bind_DN=domain\\{0}xwiki.authentication.ldap.bind_pass={1}xwiki.authentication.ldap.UID_attr=sAMAccountNamexwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
We have two separate installations on two different machines:
One is the standalone installation (for the first time user) and in
that I could configure the LDAP authentication with a particular
domain at our company. But, it does not work if I change the domain.
Now, the other is an installation of the WAR file with Tomcat 6.0 and
Oracle 10g DB. In this setup, there are some issues.
Currently xWiki may refresh the login page when logging through ldap
without indicating whether authentication was successful or not. With
the current configuration
1. users attempts login
2. Some users are able to log in, otherwise - log in pages refreshes
the page, providing no indication to the user of any change from the login
attempt
3. no information is provided to xwiki.log
4. the user's username is then listed as part XWikiAllgroup and the
user's wiki page is created the with correct LDAP information
- There are variations to this error. Some users experience an "access
denied" error on log in. Their usernames are added to XWIkiAllGroup for each
successive log in.
Could anyone throw any light on why this might be happening?
Do we need to make any changes to the LDA confi. part in xwiki.cfg?
Any help will be highly appreciated.
Thanks
Hi everyone,
I'd like everyone's input for defining the XE 1.4 roadmap both on the
general objectives and specific features/bugs to implement/fix.
Here's my first take below. Please comment on it and add other stuff.
This is a brainstorming session. Then we can start assigning
committers/contributors to goals/issues.
General Goals:
============
* Bug fixes
** Go from 240 in JIRA for Core down to 180 on XE 1.4 release date
* Better performance
** Run XE with a profiler and find bottlenecks
** Reduce number of database calls
** Improved page loading (JV)
** Make Stats usable on xwiki.org (ThomasM)
* More automated tests
** More selenium tests
** Add tests on Tomcat 6.x as part of the CI build
** Add tests on Windows and with IE6 and IE7 as part of the CI build
* No new features in general
Of course there are some goals that are always valid irrelevant on any
release and that we should keep in mind:
* More tests
* Better javadoc
* More documentation on xwiki.org
* Code cleanup/refactoring
* Extract more plugins from core into plugins proper
Specific issues to implement/fix
========================
* Add support for removing class properties (http://jira.xwiki.org/jira/browse/XWIKI-99
)
* (optional - depending on availability) - New rendering rewrite (http://jira.xwiki.org/jira/browse/XWIKI-654
)
* (optional - depending on availability) - Interface extensions (http://dev.xwiki.org/xwiki/bin/view/Design/InterfaceExtensions
)
* Add any other critical issue here
Thanks
-Vincent