Hi Alexis, I'm testing the LDAP stuff with Active Directory and it is *almost* working fine. ;-) The problem is in LDAPAuthServiceImpl.checkUserPassword() when you try to read "userPassword" in order to check the password. As I understood from reading of various articles, Active Directory requires a strong encryption even for a read-only access to the "userPassword" ("unicodePwd") attribute. Here are some links: http://forum.java.sun.com/thread.jspa?threadID=592611&messageID=3100133 http://mail.jabber.org/pipermail/jadmin/2002-January/003278.html Is there any specific reason why you cannot just simply rely on bind() with either DN or username and password to authenticate the user? I commented out the userPassword check and assigned return value of Bind() method to the result (not using ldap_bind_DN at all) and it is working fine. Anyway, thanks for this piece of code (especially the newly committed CreateUserFromLDAP() feature is cool). Jiri. On Wed, 27 Apr 2005 16:05:52 +0200, you wrote:
Hi, I'm working on LDAP integration. The current status is: - Password can be checked against LDAP server using different strategies. - User must exist in XWiki database. These functions are available for SVN version on openweb, but not of latest binary release. I still need to provide documentation on how-to use it. I have plans to had: - Automatic transfer of user from LDAP to XWiki first time a user connects. - Update of user fields from LDAP to XWiki. - Mass transfer/update from LDAP to XWiki. If you're willing to build latest version I can provide you help testing this on your environment. I only tested with Open-LDAP server and I'm curious to learn how it works with other servers.
Alexis KARTMANN email : [email protected] Blog : http://www.kartmann.com Jabber : [email protected]
-----Message d'origine----- De : Jiri Luzny [mailto:[email protected]] Envoyé : mercredi 27 avril 2005 15:28 ? : [email protected] Objet : [xwiki-dev] LDAP integration status
Hi,
as we plan to integrate XWiki user management with Active Directory in our company, I'm curious what is the status of LDAP Integration. Is it testable? If so, I would be happy to become a beta tester for this ;-)
Jiri.