OK thanks .. that's working well .. for scenario 1) Now .. even post restarts. I can not get the value to work when setting xwiki.authentication.loginpage=/where/mylogin/shouldgo Does this need to be set somewhere else as well? ------ thanks kevin.foote On Mon, 14 Mar 2011, Guillaume Lerouge wrote: -> Hi Kevin, -> -> On Mon, Mar 14, 2011 at 16:33, Kevin P. Foote <kpfoote(a)iup.edu> wrote: -> -> > -> > Hi devs, -> > -> > In writing my own auth plugin I want the ability to run XWiki in -> > anonymous browsing mode as well as the login request triggering my -> > particular auth jar (much like xwiki.org - you can many pages w/out -> > actually authenticating). I have two resulting questions. -> > -> > 1) -> > Is there a magic user name in the form of XWiki."anonymous"/Guest etc.. -> > that I can return in my checkAuth? OR am I thinking about this -> > incorrectly and xwiki already knows that this user is who the context is -> > representing.. -> > -> -> There's already the virtual XWiki.XWikiGuest . -> -> #if($context.user == "XWiki.XWikiGuest") -> some content -> #end -> -> will display content only for non-authenticated users for instance. -> -> Guillaume -> -> 2) -> > I see in reading the xwiki.cfg and tutuorials on how to run your own -> > authentication code that there is a way to override the login page -> > within the config. Is there also a way to "override" the call to the -> > login? I know in (cough,cough) confluence they have a seraph mechanism -> > that you can override what the login action is... looking for something -> > similar here.. -> > I've thought of perhaps using an apache rewrite rule on the -> > login/XWikiLogin page to trigger my auth -> > -> > Thanks guys.. -> > -> > ------ -> > thanks -> > kevin.foote -> > _______________________________________________ -> > devs mailing list -> > devs(a)xwiki.org -> > http://lists.xwiki.org/mailman/listinfo/devs -> _______________________________________________ -> devs mailing list -> devs(a)xwiki.org -> http://lists.xwiki.org/mailman/listinfo/devs ->

Sergiu, Thanks for the notes back.. Yes I have written my new authentication mechanics and my authenticator is working .. early 0.1 stages ;-) Its basically a redo of some of the stuff in http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/authenticators/ where mine deals with working with a federated SSO environment. ( Will post a link back to the src / project once I'm happier with it :) ) So yes it does trump the login/form page and in fact does away with that entirely. The reason I'm in pursuit of a way to "trigger" the auth is to create a public viewable wiki but require authn to be triggered when user browses to a restricted space/page without seeing the Error In writing this I think I have just found my answer.. :-) now to test. Also need to test this with the latest 3x stuff but Im sure it'll work :-) ------ thanks kevin.foote On Sat, 19 Mar 2011, Sergiu Dumitriu wrote: -> On 03/14/2011 06:47 PM, Kevin P. Foote wrote: -> > -> > OK thanks .. that's working well .. for scenario 1) -> > -> > -> > Now .. even post restarts. I can not get the value to work when setting -> > -> > xwiki.authentication.loginpage=/where/mylogin/shouldgo -> > -> > Does this need to be set somewhere else as well? -> -> Why do you want to change the login page? Unless it sits in a different -> application, outside XWiki, you should just configure your authenticator -> to perform its magic in the default URL. -> -> Normally, for changing the authentication mechanism, you should write a -> java class extending com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl -> and registering it in xwiki.cfg at the xwiki.authentication.authclass -> key, for example: -> xwiki.authentication.authclass=com.xwiki.authentication.ntlm.NTLMAuthServiceImpl -> -> If you only want to change how the username/password check is done, you -> can override only the authenticate method and hook to your custom -> authenticator. -> -> There are various example authenticators which you can start from at -> http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/authenticators/ -> -> > ------ -> > thanks -> > kevin.foote -> > -> > On Mon, 14 Mar 2011, Guillaume Lerouge wrote: -> > -> > -> Hi Kevin, -> > -> -> > -> On Mon, Mar 14, 2011 at 16:33, Kevin P. Foote<kpfoote(a)iup.edu> wrote: -> > -> -> > -> > -> > -> > Hi devs, -> > -> > -> > -> > In writing my own auth plugin I want the ability to run XWiki in -> > -> > anonymous browsing mode as well as the login request triggering my -> > -> > particular auth jar (much like xwiki.org - you can many pages w/out -> > -> > actually authenticating). I have two resulting questions. -> > -> > -> > -> > 1) -> > -> > Is there a magic user name in the form of XWiki."anonymous"/Guest etc.. -> > -> > that I can return in my checkAuth? OR am I thinking about this -> > -> > incorrectly and xwiki already knows that this user is who the context is -> > -> > representing.. -> > -> > -> > -> -> > -> There's already the virtual XWiki.XWikiGuest . -> > -> -> > -> #if($context.user == "XWiki.XWikiGuest") -> > -> some content -> > -> #end -> > -> -> > -> will display content only for non-authenticated users for instance. -> > -> -> > -> Guillaume -> > -> -> > -> 2) -> > -> > I see in reading the xwiki.cfg and tutuorials on how to run your own -> > -> > authentication code that there is a way to override the login page -> > -> > within the config. Is there also a way to "override" the call to the -> > -> > login? I know in (cough,cough) confluence they have a seraph mechanism -> > -> > that you can override what the login action is... looking for something -> > -> > similar here.. -> > -> > I've thought of perhaps using an apache rewrite rule on the -> > -> > login/XWikiLogin page to trigger my auth -> > -> > -> > -> > Thanks guys.. -> > -> > -> > -> > ------ -> > -> > thanks -> > -> > kevin.foote -> -> -> -- -> Sergiu Dumitriu -> http://purl.org/net/sergiu/ -> _______________________________________________ -> devs mailing list -> devs(a)xwiki.org -> http://lists.xwiki.org/mailman/listinfo/devs ->