xwiki-devs

xwiki-devs@xwiki.org

9400 discussions

[xwiki-devs] [Proposal] Rename Context.isVirtual and XWiki.isVirtual

by Thomas Mortagne

Hi all, After reviewing the code and doing some debug I found that Context/XWikiContext.isVirtual and XWiki.isVirtual are two things different : * context : "is not in the main wiki" * xwiki : "platform is in virtual mode" This is very disturbing and i'm pretty sure context.isVirtual is used in the wrong way at some places... Plus, context does not need to store a "virtual" variable (like it does actually), it just need to compare getMainXWiki and getDatabase. I propose to rename XWiki method to "isVirtualMode" and refactor XWikiContext/Context isVirtual/setVirtual to "isMainWiki" and of course deprecate old methods. WDYT ? PS : I already asked that in http://jira.xwiki.org/jira/browse/XWIKI-1874 but I think it deserve a mailing list thread -- Thomas Mortagne

16 years, 8 months

[xwiki-devs] [ANN] XWiki Workspaces Milestone 1 Released

by Jerome Velociter

The XWiki development team is pleased to announce the release of XWiki Workspaces Milestone 1, Go grab it at http://www.xwiki.org/xwiki/bin/view/Main/Download XWiki Workspaces is a new product focusing on easy collaboration through workspaces and their applications : Wiki, Blog, Photo Galleries and Files sharing. This first milestone implements the initial feature set of Workspaces, you can find more about it on http://workspaces.xwiki.org For more information about this release, including links to installation instructions and to Workspaces JIRA project, read the releases notes at http://www.xwiki.org/xwiki/bin/view/Main/ReleaseNotesWorkspaces10M1 Thanks, -The XWiki dev team

16 years, 8 months

[xwiki-devs] Using Apache BasicAuth or mod_ssl's "FakeBasicAuth" and MyOpenID (was Re: logout)

by Niels Mayer

what about a more generic version of the prior question: Assuming one already has an apache (httpd) based site using "HTTP Basic Authorization" feature in apache, what is the technique for allowing already authenticated users to use that same authentication in Xwiki? This assumes some means of mapping the basic auth name to the xwiki user name, which is trivial. In other words you could use something like mod_auth_mysql<http://www.howtoforge.com/mod_auth_mysql_apache2_debian>to alllow password-based access to restricted portions of a website (or entire thing if .htaccess at toplevel) via apache. More security or extranet access can be granted via mod_ssl combined with client certificates & "fake basic authentication"<http://www.modssl.org/docs/2.8/ssl_reference.html#SSLOptions> : - FakeBasicAuth When this option is enabled, the Subject Distinguished Name (DN) of the Client X509 Certificate is translated into a HTTP Basic Authorization username. This means that the standard Apache authentication methods can be used for access control. The user name is just the Subject of the Client's X509 Certificate (can be determined by running OpenSSL's openssl x509command: openssl x509 -noout -subject -in *certificate*.crt). Note that no password is obtained from the user. Every entry in the user file needs this password: `` xxj31ZMTZzkVA'', which is the DES-encrypted version of the word ` password''. Those who live under MD5-based encryption (for instance under FreeBSD or BSD/OS, etc.) should use the following MD5 hash of the same word: ``$1$OXLyS...$Owx8s2/m9/gfkcRVXzgoE/''. in other words you have an external table mapping the client-certificate's DN, which can be an elaborate string like "/O=ufl.edu/OU=Employees/C=US/O=University of Florida/CN=ANDREW MEYER/Email= dontasemebro(a)ufl.edu|" and this would provide authentication for user 'Xwiki.AndrewMeyer' and grant that user access based on the associated xwiki account. With the advent of https://www.myopenid.com the latter client-certificate, SSL-based authentication ought to be considered as a nice "universal login identity".... IMHO it provides a consistent way of handling identity across a wide variety of sites. In the past i've setup http://ipssources.com which uses 2-factor auth via HP "Digital Badge" -- similar can be achieved, much more easily, and cheaply, via MyOpenID. Their system is indeed like HP's "digital badge" except that it's free and works across multiple websites. MyOpenID has potential of being a useful service if it catches on.... When i used it, it smoothly sent me a client-cert and appears to provide a decent API for management: You have the following certificates: Label Serial Number Created Revoked gnuvelle BF1E 2008-02-11 16:32:29.195635 Revoke this Certificate Thus making the potentially-difficult task of issuing and installing client certificates in the user's browser a no-brainer (at least in firefox). If they've correctly handled the MS/vs-the-world issues so that IE and Netscape and mac users can access the web as ubiquitously as advertised, they've won most of the "client auth" battle IMHO.... -- Niels http://nielsmayer.com On Sat, Mar 15, 2008 at 8:47 PM, Glenn Everitt <Glenn.Everitt(a)compuware.com> wrote: > > Thanks for the advice on changing the global.vm, sadly the authentication > is > proprietary and wouldn't help anyone else. Thanks again. - Glenn Everitt > > > Ludovic Dubost-2 wrote: > > > > > > Hi, > > > > There is no change the XWiki logout page is going to have any effect > > when you are using Apache level auth. > > Best is just to change the global.vm and link to your logout page with > > the xredirect param and have your logout page redirect to that url in > > the xredirect param. > > > > What type of authentication are you using in your server ? If it's a > > non-proprietary one, it might be nice to document your config on > > xwiki.org. > > > > Ludovic > > > > Glenn Everitt wrote: > >> I am using Apache level authentication and the > >> AppServerTrustedAuthServiceImpl using getRemoteUser to get into XWiki > and > >> I > >> have this working. I need to call something like a logout.jsp to > >> invalidate > >> the session and cleanup. I thought I should use the > >> xwiki.authentication.logoutpage=/[^/]+/logout/* > >> in xwiki.cfg. I can't tell what this is doing and whether it is > related > >> to > >> ... > >> > >> The velocity template global.vm seems to generate the logout link on > the > >> main menu. > >> #set($logouturl = $xwiki.getURL("XWiki.XWikiLogout","logout", > >> "xredirect=$util.encodeURI($logredir)")) > >> $!logouturl $!msg.get("logout") #sep() > >> > >> Any clues on how to handle logout would be greatly appreciated. > >> > >> Thanks > >> Glenn Everitt > >> > >> > > > > > > -- > > Ludovic Dubost > > Blog: http://blog.ludovic.org/ > > XWiki: http://www.xwiki.com > > Skype: ldubost GTalk: ldubost > > > > _______________________________________________ > > devs mailing list > > devs(a)xwiki.org > > http://lists.xwiki.org/mailman/listinfo/devs > > > > > > -- > View this message in context: > http://www.nabble.com/logout-tp16040945p16075537.html > Sent from the XWiki- Dev mailing list archive at Nabble.com. > > _______________________________________________ > devs mailing list > devs(a)xwiki.org > http://lists.xwiki.org/mailman/listinfo/devs >

16 years, 8 months

[xwiki-devs] logout

by Glenn Everitt

I am using Apache level authentication and the AppServerTrustedAuthServiceImpl using getRemoteUser to get into XWiki and I have this working. I need to call something like a logout.jsp to invalidate the session and cleanup. I thought I should use the xwiki.authentication.logoutpage=/[^/]+/logout/* in xwiki.cfg. I can't tell what this is doing and whether it is related to ... The velocity template global.vm seems to generate the logout link on the main menu. #set($logouturl = $xwiki.getURL("XWiki.XWikiLogout","logout", "xredirect=$util.encodeURI($logredir)")) $!logouturl $!msg.get("logout") #sep() Any clues on how to handle logout would be greatly appreciated. Thanks Glenn Everitt -- View this message in context: http://www.nabble.com/logout-tp16040945p16040945.html Sent from the XWiki- Dev mailing list archive at Nabble.com.

16 years, 8 months

[xwiki-devs] my metadatalucenetutorial is completed now...

by jvivien.m2 jvivien.m2

hello, I think I have completed my MetadataLuceneTutorial by now. Could you please tell me : - if it is relevant to the xwiki community ? otherwise I can remove it - if it is not clear enough to meet the docs standards. For example : too many subjects at the same time ? do the code sources need to be rewritten so as to show more clearly where is the customization ? - if it could be submitted, and to whom. To the devs list ? to the XWiki team only ? If you have more or less already approved it, do you even plan to leave it as a tutorial, or do you want to see it as a description of a possible improvement to the core ? I think no one would have time to tutor me right now, otherwise I would be ready to contribute. If no one has time then it is better in my opinion to leave it as a tutorial, which will show people how things work. Just tell me if this is the case - its okay, there are so many more important things to do for the team. Thanks a lot ! -- Jean-Vivien MAURICE Ingénieur Informatique et Gestion, Polytech'Montpellier (ISIM) E-mail : jean.vivien.maurice(a)gmail.com Tél. : +33 6 76 70 88 02 (or else : +33 6 79 46 45 24) Skype : jean.vivien

16 years, 8 months

[xwiki-devs] [ANN] First DocHour results

by Vincent Massol

Hi everyone, The first DocHour has been very successful IMO. Here are what we've done all together: * Vincent - "Document how to improve performance by using Apache and mod-deflate/mode-expire and mod-proxy-ajp" - http://jira.xwiki.org/jira/browse/XWIKI-2176 * Vincent - "Document the {rss} macro" - http://jira.xwiki.org/jira/browse/XWIKI-1340 * Vincent - http://www.xwiki.org/xwiki/bin/view/FAQ/PrivateRssFeeds * Jean-Vincent - http://dev.xwiki.org/xwiki/bin/view/Main/ because devs deserve a nice homepage ;) * StephaneB - a short glance over the combination between velocity language and XWiki API functions (http://dev.xwiki.org/xwiki/bin/view/Drafts/ObjectInPage ) - Not finished. * Evelina - document the new users and groups management (http://jira.xwiki.org/jira/browse/XWIKI-1867 ) * Guillaume - wrote & documented the Video Macro on XWiki.org - http://code.xwiki.org/xwiki/bin/view/Macros/VideoMacro * Jerome - "Write a tutorial for newcomers on how to create Java selenium tests." - http://jira.xwiki.org/jira/browse/XWIKI-1351 started a draft at http://dev.xwiki.org/xwiki/bin/view/Drafts/WritingSeleniumsTestsForXWiki - Not finished * Marius - "Document the Core APIs properly" - http://jira.xwiki.org/jira/browse/XWIKI-2187 - Not finished * ThomasM - improve wiki creation documentation with a combination of http://jira.xwiki.org/jira/browse/XAWM-48 and http://manager.xwiki.org/xwiki/bin/view/AdminGuide/CreateNewWiki * Ludovic/Guillaume - create a package for the Polls Application and document it on XWiki.org - http://code.xwiki.org/xwiki/bin/view/Applications/PollsApplication * Anca - updated and brought small improvements to the FAQ Tutorial: added links to useful pages and added code explanations here and there. * Asiri - Building XEclipse with Eclipse at http://code.xwiki.org/xwiki/bin/view/Extensions/XEclipseExtension - Not finished Thanks everyone who participated! This is great and helped a lot. I'd like to do that again in about a month. Now it would be nice to finish the outstanding issues started in this DocHour namely: * StephaneB - a short glance over the combination between velocity language and XWiki API functions (http://dev.xwiki.org/xwiki/bin/view/Drafts/ObjectInPage ) - Not finished. * Jerome - "Write a tutorial for newcomers on how to create Java selenium tests." - http://jira.xwiki.org/jira/browse/XWIKI-1351 started a draft at http://dev.xwiki.org/xwiki/bin/view/Drafts/WritingSeleniumsTestsForXWiki - Not finished * Marius - "Document the Core APIs properly" - http://jira.xwiki.org/jira/browse/XWIKI-2187 - Not finished * Asiri - Building XEclipse with Eclipse at http://code.xwiki.org/xwiki/bin/view/Extensions/XEclipseExtension - Not finished. Asiri could yo please move the building information to the Buliding page as I had suggested please? Thanks again -Vincent

16 years, 8 months

[xwiki-devs] LDAP authentication issues!!

by Kamna Jain

Hello, We have been having some issues with the LDAP authentication to our XWiki instance. Here is the portion from xwiki.cfg: xwiki.authentication.ldap=1xwiki.authentication.ldap.authclass=com.xpn.xwiki.ldap.authentication.XWikiLDAPAuthServiceImplxwiki.authentication.ldap.server=domain.company.comxwiki.authentication.ldap.check_level=1xwiki.authentication.ldap.port=389xwiki.authentication.ldap.base_DN=dc=domain,dc=company,dc=comxwiki.authentication.ldap.bind_DN=domain\\{0}xwiki.authentication.ldap.bind_pass={1}xwiki.authentication.ldap.UID_attr=sAMAccountNamexwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn We have two separate installations on two different machines: One is the standalone installation (for the first time user) and in that I could configure the LDAP authentication with a particular domain at our company. But, it does not work if I change the domain. Now, the other is an installation of the WAR file with Tomcat 6.0 and Oracle 10g DB. In this setup, there are some issues. Currently xWiki may refresh the login page when logging through ldap without indicating whether authentication was successful or not. With the current configuration 1. users attempts login 2. Some users are able to log in, otherwise - log in pages refreshes the page, providing no indication to the user of any change from the login attempt 3. no information is provided to xwiki.log 4. the user's username is then listed as part XWikiAllgroup and the user's wiki page is created the with correct LDAP information - There are variations to this error. Some users experience an "access denied" error on log in. Their usernames are added to XWIkiAllGroup for each successive log in. Could anyone throw any light on why this might be happening? Do we need to make any changes to the LDA confi. part in xwiki.cfg? Any help will be highly appreciated. Thanks

16 years, 8 months

Re: [xwiki-devs] [xwiki-notifications] r8519 - in xwiki-platform/xwiki-tools/trunk: xwiki-configuration-resources xwiki-jetty-resources xwiki-license-resources xwiki-packager-plugin xwiki-shared-tests

by Sergiu Dumitriu

vmassol (SVN) wrote: > Author: vmassol > Date: 2008-03-14 23:50:09 +0100 (Fri, 14 Mar 2008) > New Revision: 8519 > > Modified: > xwiki-platform/xwiki-tools/trunk/xwiki-configuration-resources/ > xwiki-platform/xwiki-tools/trunk/xwiki-jetty-resources/ > xwiki-platform/xwiki-tools/trunk/xwiki-license-resources/ > xwiki-platform/xwiki-tools/trunk/xwiki-packager-plugin/ > xwiki-platform/xwiki-tools/trunk/xwiki-shared-tests/ > Log: > more svn ignores > > > Property changes on: xwiki-platform/xwiki-tools/trunk/xwiki-configuration-resources > ___________________________________________________________________ > Name: svn:ignore > - target > *.ipr > *.iml > *.log > .classpath > .project > nbproject > .settings > > + target > *.ipr > *.iml > *.log > .classpath > .project > nbproject > .settings > target-eclipse > Shouldn't we just add these kind of files/directories to the subversion config file? I'm pretty sure we'll never have a target-eclipse directory that will need to be committed. -- Sergiu Dumitriu http://purl.org/net/sergiu/

16 years, 8 months

[xwiki-devs] Roadmap for XE 1.4

by Vincent Massol

Hi everyone, I'd like everyone's input for defining the XE 1.4 roadmap both on the general objectives and specific features/bugs to implement/fix. Here's my first take below. Please comment on it and add other stuff. This is a brainstorming session. Then we can start assigning committers/contributors to goals/issues. General Goals: ============ * Bug fixes ** Go from 240 in JIRA for Core down to 180 on XE 1.4 release date * Better performance ** Run XE with a profiler and find bottlenecks ** Reduce number of database calls ** Improved page loading (JV) ** Make Stats usable on xwiki.org (ThomasM) * More automated tests ** More selenium tests ** Add tests on Tomcat 6.x as part of the CI build ** Add tests on Windows and with IE6 and IE7 as part of the CI build * No new features in general Of course there are some goals that are always valid irrelevant on any release and that we should keep in mind: * More tests * Better javadoc * More documentation on xwiki.org * Code cleanup/refactoring * Extract more plugins from core into plugins proper Specific issues to implement/fix ======================== * Add support for removing class properties (http://jira.xwiki.org/jira/browse/XWIKI-99 ) * (optional - depending on availability) - New rendering rewrite (http://jira.xwiki.org/jira/browse/XWIKI-654 ) * (optional - depending on availability) - Interface extensions (http://dev.xwiki.org/xwiki/bin/view/Design/InterfaceExtensions ) * Add any other critical issue here Thanks -Vincent

16 years, 8 months

[xwiki-devs] XWiki Attachments

by Kamna Jain

I was wondering if the files that are uploaded on XWiki are stored in any particular folder on the server? Or is it just the tables in the DB that have information on them? We are exploring the ways in which the files uploaded can be directly added to a SVN repository. For this, I need to know the location of the files once they are uploaded. Thanks

16 years, 8 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

xwiki-devs