xwiki-users

xwiki-users@xwiki.org

10408 discussions

LDAP authentication problem in Active Directory

by Gunter Leeb

Hi, Sorry for my late reply. I have implemented an improvement to the LDAP Authentication component that comes with XWiki. The code that comes with XWiki does not yet support SSL and has other severe limitations (IMHO). Here is my latest update. I have only tested the component against Novell eDirectory and OpenLDAP and not against AD, but that should not be a problem. My component provides a variety of new features. (as described in more details in my IRA-issue) if so configured: - it will add a user to XWiki that is authenticated against LDAP - user must belong to a group in LDAP to be allowed to login - a user is joined and removed from XWiki groups if he belongs to mapped LDAP groups - Attributes (email, tel, ...) are mapped from LDAP in the XWiki. - fall back to authenticate against the XWiki DB (with a password configured just there) works. Also, I didn't have the chance to verify the code that removes a user from a group based on the user leaving an LDAP group. SSL works fine, if you have the certificate installed correctly with my component. (All the new features can be deactivated in xwiki.cfg) Installation instructions: - unzip under WEB-INF (all the java classes go deep under the "classes" directory. I have also activated logging for this component.) - I have included my heavily commented example of the xwiki.cfg within the zip. (Caution that you don't overwrite your own xwiki.cfg while unpacking) - There is a keytool.exe with the JDK that converts SSL certificates. Afterwards, you can specify the path where the component finds the certificate in the xwiki.cfg for SSL to work. I welcome any feedback, testing and verification. Regards, Gunter P.S.: This example contains one strange piece of code: It tries to create a dummy user in the beginning. In my experiments this call always fails (but actually shouldn't), but afterwards, creating a user with the same call based on LDAP will work. ------------------------------------------------------------------------------- Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. -------------------------------------------------------------------------------

17 years, 7 months

LDAP authentication problem in Active Directory

by jimmy＠comkraft.com

Hi, I have tried a while to switch to Active Directory (AD) for our xwiki (1.0 RC 4) authentication but was not successful so far. I took a look at the code (LDAPAuthServiceImpl.java) and found out the error I keep getting is: "Not such attribute" when the code tries to compare the user input password and the real password stored in AD using the attribute "userPassword". I guess the reason is the binding user I use (a regular user account) doesn't have permission to the userPassword attribute. Could someone please shed some light on if this could be the problem? btw, I changed the check_level from the default 1 to 2 since 1 doesn't check password at all - which defeats the purpose of authentication. It would allow user to log in as long as the user has the correct userid. I am wondering why we even need this option here. xwiki.authentication.ldap.check_level=2 I also hardcoded my CN/password in the bind_Pass and bind_DN section. the {0} and {1} thing failed in the binding when I entered my username(sAMAccountName) and password. Any of your help will be highly appreciated. Thanks -Jimmy

17 years, 7 months

error after installation

by chux

Hi Guys, I have deployed xwiki and modified the hibernate.cfg.xml file to use HSQL. However when I try and access the main page /xwiki/bin/view/Main/WebHome it gives me the following error: javax.servlet.ServletException: Error number 3 in 0: Could not initialize main XWiki context Wrapped Exception: access denied (java.io.FilePermission \WEB-INF\xwiki.cfg read) org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:535) org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:433) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) sun.reflect.GeneratedMethodAccessor2335.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:597) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161) java.security.AccessController.doPrivileged(Native Method) com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:118) sun.reflect.GeneratedMethodAccessor2334.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:597) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:217) Has anyone come across this? I have verified that the /WEB-INF/xwiki.cfg file exists. It is the default file and it has read and write permissions I am running on Apache Tomcat/5.5.15 with JVM version 1.6.0-b105 Any help would be much appreciated -- View this message in context: http://www.nabble.com/error-after-installation-tf3758009.html#a10621283 Sent from the XWiki- Users mailing list archive at Nabble.com.

17 years, 7 months

Changing the default page for a space

by Daniel Zaugg

Hi, I devlopped a XWiki based site for french users and I'd like to change the name of the default page for a space from "Space.WebHome" to "Space.SomeOtherName" which woud be more meaningful in french. Is this possible or is the "WebHome" name hard-coded somwhere? BTW, I would be interested to change the default space name also ("Main" means "Hand" in french...) Thanks in advance for your answers Daniel -- View this message in context: http://www.nabble.com/Changing-the-default-page-for-a-space-tf3775286.html#… Sent from the XWiki- Users mailing list archive at Nabble.com.

17 years, 7 months

LDAP authentication with SSL

by Whisler, Dave

Anyone able to get LDAP authentication over SSL working with XWiki?? If so, how? I'm running the latest version of XWiki (1.0 RC4) and am able to use LDAP authentication to our Active Directory Server successfully, but only in clear text, not over SSL. I've checked Jira and see that someone is working on a patch to a bug (XWIKI-865) that have something to do with LDAP authentication over SSL. How does one install a patch to XWiki? David K. Whisler Oracle Database Administrator & Centra Administrator The William States Lee College of Engineering University of North Carolina at Charlotte (704) 687-3964 dkwhisle(a)uncc.edu <mailto:dkwhisle@uncc.edu>

17 years, 7 months

[ANN] XWiki 1.0 RC 5 Released

by Vincent Massol

The XWiki development team team is pleased to announce the availability of the 1.0 RC 5 release. Go grab it on http://www.xwiki.org/xwiki/bin/view/Main/Download The 1.0 RC4 release was supposed to be the last release before the 1.0 final but we've discovered some important bugs, the most important being that with RC4 you couldn't anymore copy/paste content from Word/Excel into the WYSIWYG editor. This release is a bug fix release and is planned to be promoted as the final 1.0 release on next Tuesday. Let's hope it's the last RC. * Bugs fixed: o XWIKI-1205 - Going to the Main.WebHome page on a wiki with an empty database generates a NPE o XWIKI-1210 - Nested lists are discarded by WYSIWYG editor o XWIKI-1224 - Html tags is escaped when we switch from wysiwyg editor to wiki editor o XWIKI-1225 - Entering a multiline cell content only keeps the first line when saved in WYSIWYG mode o XWIKI-1227 - Incorrect paragraph when copy and paste from other editor to WYSIWYG editor o XWIKI-1229 - Toolbar in Wysiwyg Editor cannot wrap properly under IE7 o XWIKI-1233 - Unindent button greyed out even though line is indented o XWIKI-1234 - Editor doesn't understand the 1. syntax notation for lists o XWIKI-1238 - Horizontal line breaks table * Improvement o XWIKI-1228 - Change the style sheet for select list in toolbar of WYSIWYG editor o XWIKI-1237 - Add handle button toolbar for font size and font family select in toolbar of visual editor. IMPORTANT: XWiki 1.0 RC 2 has fixed an important security issue in past releases where passwords were stored in clear in the database. Passwords are now hashed. If you are upgrading from a previous version, any new user or any password update will automatically get the password hashed. However existing users who do not change their passwords will still have their passwords in clear in the database. Thus, we are providing a tool to automatically hash all passwords from an existing database. See the full release notes on http://www.xwiki.org/xwiki/bin/view/ Main/ReleaseNotesXWiki10RC5 Enjoy -The XWiki development team

17 years, 7 months

Intra-document links to XWiki headers in 1.0B3

by THOMAS, BRIAN M (ATTSI)

I really like the WYSIWYG editor's "Add/edit link" feature. One problem, though, is XWiki headings. There are two problems generally: first, it isn't intuitive how to name the link. For example, for a level-2 XWiki heading (1.1 in Wiki markup, generates HTML h3 element of class "heading-1-1") named Styles, the fragment identifier was "HStyles". Also, a level-1 (h2, class "heading-1") was also named by prepending an "H" to the heading text. Is this the way it's supposed to work, where in the "link" field I have to put "Hsomething" for a link to a heading called "something", unless there's another heading with that same text, which could be added after I compose that link and then what do I do...? The other is that following the link causes the page to scroll to just below the heading text, which is a bit confusing. brain[sic]

17 years, 8 months

Navigation panel

by thegios

I deleted by mistake the NAVIGATION panel of the standard installation, the one with collapsable spaces. Could pls someone post the code? Also, in this panel, I would like to avoid listing certain pages in some spaces: how can i achieve this? Thanks a lot -- View this message in context: http://www.nabble.com/Navigation-panel-tf3759045.html#a10624654 Sent from the XWiki- Users mailing list archive at Nabble.com.

17 years, 8 months

Information Xwiki

by Manvar Khan

Hi, I want to install Xwiki on Unix platform, I need information regarding memory and disk uses for Xwiki. Please Guide me. Thanks & Regards Manvar Khan | CRM-AMSS Integration | Tech Mahindra Delta, Fourth floor Giga Space, Viman Nagar, Pune - 411016. INDIA * Office: +91 20 6622 1000 | Extn: 3157 | Cell: +91-9970291915 Email: manvark(a)techmahindra.com www.techmahindra.com <https://techmail1.techmahindra.com/exchweb/bin/redir.asp?URL=http://www .techmahindra.com/> ============================================================================================================================ Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/Disclaimer.html">http://tim.techmahindra.com/Disclaimer.html</a> internally within Tech Mahindra. ============================================================================================================================

17 years, 8 months

LDAP/ActiveDirectory authentication not what I expected

by BSayatovic＠amig.com

I set up XWiki 1.0RC3 (soon to be upgraded to RC4) with ActiveDirectory authentication. However, it's not what I expected. First, I must still create XWiki users with the same username that users have in my directory. If I don't first create the XWiki user, the ActiveDirectory user won't be able to log in. However, as soon as I create the XWiki user, the corresponding ActiveDirectory user can log in with their ActiveDirectory credentials. I had hoped that XWiki would simply allow an authenticated user to log in. So am I misunderstanding how it should work? Second, when an ActiveDirectory user does log in, it is the user details from their XWiki user that is shown, not the corresponding ActiveDirectory details. For example, if John Smith is an ActiveDirectory user with username "jsmith", and I create an XWiki user named "Johnny Boy", then when John logs in, "Johnny Boy" is shown for his name, not the "John Smith" form ActiveDirectory. This surprises me because some of the LDAP value I has to specify for XWiki's ActiveDirectory integration were telling it how to glean information such as the displayName from the directory. Again, and I misunderstanding how it should work? Regards, Brian. ----------------------------------------- CONFIDENTIALITY STATEMENT: This e-mail transmission contains information that is intended to be confidential. It is intended only for the addressee named above. If you receive this e-mail in error, please do not read, copy, or disseminate it. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated.

17 years, 8 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

xwiki-users