xwiki-users October 2008

xwiki-users@xwiki.org

68 participants
132 discussions

by Bartłomiej Radziszewski

hello, I'm trying connect xwiki to the ldap using this manual http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HGeneric… but have problem with auth.. i'm using: slapd 2.3.30-5+etch2 apache-tomcat-6.0.18 xwiki-enterprise-web-1.7-milestone-1.war jdk1.6.0_07 xwiki.cfg ldap section: #------------------------------------------------------------------------------------- # LDAP #------------------------------------------------------------------------------------- #-# new LDAP authentication service xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl #-# Turn LDAP authentication on - otherwise only XWiki authentication #-# 0: disable #-# 1: enable xwiki.authentication.ldap=1 #-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.) xwiki.authentication.ldap.server=127.0.0.1 xwiki.authentication.ldap.port=389 #-# LDAP login, empty = anonymous access, otherwise specify full dn #-# {0} is replaced with the username, {1} with the password xwiki.authentication.ldap.bind_DN=cn={0},ou=people,dc=xxx,dc=com xwiki.authentication.ldap.bind_pass={1} #-# Force to check password after LDAP connection #-# 0: disable #-# 1: enable xwiki.authentication.ldap.validate_password=0 #-# only members of the following group will be verified in the LDAP #-# otherwise only users that are found after searching starting from the base_DN # xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US #-# [Since 1.5RC1, XWikiLDAPAuthServiceImpl] #-# only users not member of the following group can autheticate # xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US #-# base DN for searches xwiki.authentication.ldap.base_DN=ou=people,dc=xxx,dc=com #-# Specifies the LDAP attribute containing the identifier to be used as the XWiki name (default=cn) xwiki.authentication.ldap.UID_attr=cn #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] #-# Specifies the LDAP attribute containing the password to be used "when xwiki.authentication.ldap.validate_password" is set to 1 xwiki.authentication.ldap.password_field=userPassword #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] #-# The potential LDAP groups classes. Separated by commas. # xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] #-# The potential names of the LDAP groups fields containings the members. Separated by commas. # xwiki.authentication.ldap.group_memberfields=member,uniqueMember #-# retrieve the following fields from LDAP and store them in the XWiki user object (xwiki-attribute=ldap-attribute) #-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object for faster access xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# on every login update the mapped attributes from LDAP to XWiki otherwise this happens only once when the XWiki account is created. xwiki.authentication.ldap.update_user=1 #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# mapps XWiki groups to LDAP groups, separator is "|" # xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=MegaNova,c=US|\ # XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# time in s after which the list of members in a group is refreshed from LDAP (default=3600*6) # xwiki.authentication.ldap.groupcache_expiration=21800 #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# - create : synchronize group membership only when the user is first created #-# - always: synchronize on every login # xwiki.authentication.ldap.mode_group_sync=always #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# if ldap authentication fails for any reason, try XWiki DB authentication with the same credentials xwiki.authentication.ldap.trylocal=1 #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# SSL connection to LDAP server #-# 0: normal #-# 1: SSL xwiki.authentication.ldap.ssl=0 #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] #-# The keystore file to use in SSL connection xwiki.authentication.ldap.ssl.keystore= #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] #-# The java secure provider used in SSL connection # xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider java LDAP debug module exeption: / 21:07:39,624 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP authentication failed: login null 21:07:39,627 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG ldap.XWikiLDAPConnection - Connection to LDAP server [127.0.0.1:389] 21:07:39,641 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG ldap.XWikiLDAPConnection - Binding to LDAP server with credentials login=[cn=user1,ou=people,dc=xxx,dc=com ] password=[user1] 21:07:39,644 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Found user dn with the user object: cn=user1,ou=people,dc=xxx,dc=com 21:07:39,646 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP attributes will be used to update XWiki attributes. 21:07:39,646 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG ldap.XWikiLDAPConfig - Ready to create user from LDAP with fields last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn 21:07:39,649 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating existing user with LDAP attribues located at cn=user1,ou=people,dc=xxx,dc=com 21:07:39,650 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG ldap.XWikiLDAPConfig - Ready to create user from LDAP with fields last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn 21:07:39,651 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. java.lang.NullPointerException at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.updateUserFromLDAP(XWikiLDAPAuthServiceImpl.java:730) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.syncUser(XWikiLDAPAuthServiceImpl.java:497) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:410) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:198) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) at com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:205) at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3564) at com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3572) at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4478) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:287) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 21:07:39,653 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin] [http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB/ In ldap logs: /Oct 23 21:07:39 ubot slapd[4919]: conn=216 fd=11 ACCEPT from IP=127.0.0.1:41337 (IP=0.0.0.0:389) Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=0 BIND dn="cn=user1,ou=people,dc=xxx,dc=com" method=128 Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=0 BIND dn="cn=user1,ou=people,dc=xxx,dc=com" mech=SIMPLE ssf=0 Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=0 RESULT tag=97 err=0 text= Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=1 EXT oid=0.0.0.0 Oct 23 21:07:39 ubot slapd[4919]: do_extended: unsupported operation "0.0.0.0" Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=1 RESULT tag=120 err=2 text=unsupported extended operation Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 BIND anonymous mech=implicit ssf=0 Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 BIND dn="cn=user1,ou=people,dc=xxx,dc=com" method=128 Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 BIND dn="cn=user1,ou=people,dc=xxx,dc=com" mech=SIMPLE ssf=0 Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 RESULT tag=97 err=0 text= Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=3 SRCH base="cn=user1,ou=people,dc=xxx,dc=com" scope=0 deref=0 filter="(objectClass=*)" Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=3 SRCH attr=sn givenName fullName mail dn Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text= Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=4 ABANDON msg=93 Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=5 UNBIND Oct 23 21:07:39 ubot slapd[4919]: conn=216 fd=11 closed /Somebody can help me? Thanks and Greetings, Bart -- Bartłomiej Radziszewski mobile: +48 509 561 540 e-mail: br(a)debian.linux.pl JID: br(a)debian.linux.pl ICQ: #305569725

15 years, 10 months

[xwiki-users] Help with Velocity/HQL query

by BrianJones

Okay, so having a bit of difficulty with this... I have a space 'Peoples', with a class/sheet/template associated with it. I can create a new instance of this object, and it is created in the 'People' space, that's all fine and dandy... In this class there is a property 'location', that is a static list, single selection only in a drop down box. For example's sake, I'll say there are 3 locations, 'X', 'Y', 'Z'. On the 'Peoples' space's main page, where a user may create a new instance, or see a list of already created 'People', I'm trying to create this list divided by the three locations. I tried to calculate the number of 'People' instances with the location 'X' in the following manner: #set ($whereClauseX = "obj.name=doc.fullName and obj.name<>'Peoples.PeopleClassTemplate' and obj.className='Peoples.PeopleClass' and prop.id.id = obj.id and prop.id.name='location' and prop.value='X' order by doc.creationDate desc") #set ($numX = "select count(distinct doc) from XWikiDocument doc, BaseObject as obj, LargeStringProperty as prop where $whereClauseX") Now, I know there are instances of 'People' objects in this space that have the value 'X' for the 'location' property, but whenever I access this variable, it is always being calculated as 0. Can someone point out my problem with that block of code? Also, this affects my later code I think as, when it hits the following block of code, nothing appears on screen, and I get some errors in the Tomcat screen. Code: #if ($numX > 0) <h3>Location X:</h3> #set ($sql = ", BaseObject as obj, LargeStringProperty as prop where $whereClauseX") #set($bentrydoc = $xwiki.getDocument($item)) #set($bentryobj = $bentrydoc.getObject("Peoples.PeopleClass", "language", $language, true)) #foreach ($item in $xwiki.searchDocuments($sql)) * [${bentrydoc.display("first_name","view",$bentryobj)} ${bentrydoc.display("last_name","view",$bentryobj)}|$item] #end #end And the Tomcat error(s): WARNING: Parameters: Invalid chunk ignored. [ERROR] Left side of '>=' operation is not a Numbere. Peoples.WebHome [line 82, column 15] However, no where in my code am I using the operator '>='... Any kind person with a helping hand would be appreciated. Thanks again community! -- View this message in context: http://n2.nabble.com/Help-with-Velocity-HQL-query-tp1372223p1372223.html Sent from the XWiki- Users mailing list archive at Nabble.com.

15 years, 10 months

[xwiki-users] Watchlist attachments link incomplete

by Reto Hotz

Hi, I have noticed that the Watchlist update sent by email does not contain the full path to a changed attachment. e.g. I received the following watchlist update email: (Note: I removed all the styles for better readability) ... <tr> <td> <a href="http://localhost :8080/xwiki/bin/view/TestSpace/TestPage">TestPage</a><br/><span>TestSpace.TestPage</span> </td> <td> modified by Reto Hotz on 2008/10/24 11:03 , comment : Upload new attachment <a href="/xwiki/bin/downloadrev/TestSpace/TestPage/test.pdf?rev=1.1">test.pdf</a> </td> </tr> ... As you can see, the test.pdf link href does not include the domain. The link to the TestPage though is correct. Is this a bug or a misconfiguration? Thanks Reto

15 years, 10 months

[xwiki-users] Question on a snippet from codezone

by Sharanabasavaraj Mudgal

I saw this code snippet for setting rights on a page. Does someone know the equivalent for setting the right on the space. How to get the space object(something equivalent to the first line in the snippet) http://code.xwiki.org/xwiki/bin/view/Snippets/SettingRightsSnippet thanks. sharan.

15 years, 10 months

[xwiki-users] How to change the data type of a property within a class

by BrianJones

Is it possible to change the datatype of a property within a class without deleting the class, and re-creating it? -- View this message in context: http://n2.nabble.com/How-to-change-the-data-type-of-a-property-within-a-cla… Sent from the XWiki- Users mailing list archive at Nabble.com.

15 years, 10 months

[xwiki-users] Chart macro problem

by CarrollJ

Hi all, Hopefully somebody has come across this before. I am trying to create a line chart that can have repeated data in each column e.g {table} id | number 22 | 23 | 22 | 23 | 25 | 24 | {table} My problem is the graph will only get rendered if one column has unique data. Charting exception: Error number 0 in 5: X-value already exists. Wrapped Exception: X-value already exists. com.xpn.xwiki.XWikiException: Error number 0 in 5: X-value already exists. Wrapped Exception: X-value already exists. at com.xpn.xwiki.plugin.charts.ChartingMacro.exception(ChartingMacro.java:143) at com.xpn.xwiki.plugin.charts.ChartingMacro.execute(ChartingMacro.java:80) at com.xpn.xwiki.render.filter.MacroFilter.handleMatch(MacroFilter.java:90) at org.radeox.filter.regex.RegexTokenFilter$1.handleMatch(RegexTokenFilter.java:91) at org.radeox.regex.JdkMatcher.substitute(JdkMatcher.java:48) at org.radeox.filter.regex.RegexTokenFilter.filter(RegexTokenFilter.java:89) at org.radeox.filter.FilterPipe.filter(FilterPipe.java:169) at com.xpn.xwiki.render.XWikiRadeoxRenderEngine.render(XWikiRadeoxRenderEngine.java:92) at com.xpn.xwiki.render.XWikiRadeoxRenderer.render(XWikiRadeoxRenderer.java:118) If i make all the data unique in one column above then the chart renders ok. Is there a parameter that i can use to allow repeated data or is the charting macro designed to have one column with unique data? Regards, John Carroll -- View this message in context: http://www.nabble.com/Chart-macro-problem-tp18191025p18191025.html Sent from the XWiki- Users mailing list archive at Nabble.com.

15 years, 10 months

[xwiki-users] Documentation of Class Properties for Structured Content

by BrianJones

If at all possible, is there a more comprehensive look at all the datatypes/properties that a Class can be composed of. In the DevGuide's http://platform.xwiki.org/xwiki/bin/view/DevGuide/DataModel Data Model , there is a list of the supported datatypes, but it does not mention any of the options/configurations for the said properties. An in depth look at these datatypes would be highly beneficial for new XWiki users trying to create structured content, as this feature is one of the main attractions to XWiki. Some of the datatypes are self explanitory, but others are more advanced, and have configuration options that the average/new XWiki user would not know about. If anyone has any information on these datatypes, I would be greatly appreciative, or if there is a plan for a more formal documentation of the datatypes, I'm sure many others would be highly pleased as well! Thanks very much. -- View this message in context: http://n2.nabble.com/Documentation-of-Class-Properties-for-Structured-Conte… Sent from the XWiki- Users mailing list archive at Nabble.com.

15 years, 10 months

[xwiki-users] Edit section

by Mihails Agafonovs

Hi! Can edit section be disabled for the first heading (h1)? Ar cieņu, Mihails

15 years, 10 months

[xwiki-users] Admin page style

by Mihails Agafonovs

Hi! How to modify administration page style? I can completely it remove (##$xwiki.ssx.use("XWiki.AdminSheet")) and create my own, but I still want to find the stylesheet attached to it. Ar cieņu, Mihails

15 years, 10 months

Re: [xwiki-users] Xwiki 1.6 Change LDAP Password

by Thomas Mortagne

Hi, Sorry to answer only now I had lot's of work and not that much with Internet access ;) On Tue, Oct 21, 2008 at 4:04 PM, <ramongb(a)mp.go.gov.br> wrote: > Hi Thomas, > > First I would congratulate you guys for such a powerful and top-of-mind tool like Xwiki. I'm the leader of the team here on my Company in Brazil (a Court government institute) that is implementing a wiki tool, and my first - and de-facto - choice was Xwiki. We're on ongoing works on it for integration with our AD infrastucture and it shows to be a complete and very powerful tool to fulfill our requirements. > This AD integration (and the ACL's Xwiki provides through AD imported groups) is the decisive feature for our needs. And on this subject, some questions came in mind. I've installed your last 1.6-SNAPSHOT, that corrects the bug regarding the AD authentication and seems to work (and log) well. But my question is about reseting the LDAP password through Xwiki. As I could notice, when I reset a password from a AD user through the "Forgot your password" feature, it doesn't reset the AD user password, but it resets (or creates?) the user password only in the internal database. Yes XWiki does not write/modify anything in LDAP server and it as to remain like this IMO. But you are right there is a problem with "Forgot your password" feature that should be disabled for LDAP users on XWiki. I will investigate this, thanks for the report. > The logs show that it can't authenticate anymore on the LDAP, but it tries to log on the Xwiki database and succeeds. Because of this, one can get two out-of-sync working passwords: one through LDAP (and it permits that his AD attributes be refreshed on every login - just what we need) and other through Xwiki database, which does not provide LDAP attributes refresh (once the authentication fails). > Does the last Xwiki 1.6 have this capability of password sync'ing? Is it a bug? I know sure that this could be a serious security breach (once one knows the username of another, the LDAP password can be compromised). This leads to another questions and we're touch them later. My mails is too big already :-) > > By the way, I'm gonna provide the Brazilian Portuguese translation for the project :-) Great ! > I'm looking forward to your response. > Thanks in advance, > > Ramon Gomes Brandão > I'm forwarding also in users(a)xwiki.org mailing list as this can be interesting for anyone. -- Thomas Mortagne

15 years, 10 months

← Newer
1
2
3
4
5
6
7
8
9
...
14
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

xwiki-users October 2008