Gunter Leeb wrote:
Hi Sheila and Ricardo

The authentication classes JIRA-1079 can use SSL for the connection to
the LDAP repository. This component has no way to switch XWiki to use
SSL. 

It would be great if XWiki could be configured to use SSL just for the
authentication.

Regards,

Gunter

Hi Gunter,

Thanks for jumping in here!

Please, let me sum up what I am understanding while dealing with ldap authentication.
  1. XE includes a ldap authentication class (ldap-UNKNOWN.jar) which we can not use simultaneously with XWiki DB. If I activate ldap authentication (xwiki.authentication.ldap=1), XWiki DB won't be asked for the existence of a given user.
  2. With JIRA-1079 classes it is possible to use ldap authentication and XWiki DB: if ldap fails to authenticate an user, XWiki will check its database before rejecting the login.
  3. JIRA-1079 classes support SSL binding with ldap servers.
>From here, please, what is the JIRA-1079 class most updated release supporting SSL binding?  Is it http://jira.xwiki.org/jira/secure/attachment/11160/LDAPAuthenticater.java date on June 18th, 2007?

Please, what do we need to compile it?

I've gone ahead and updated to 1.2M1. I am not able to bind to our eDirectory server. I've not used SSL before, so I don't remember how could I connect to an eDirectory server without confidenciality until now. But it worked. Please, do you know if this is possible and how? Thanks.

Sorry if I have not skills enough as to follow the JIRA-1079 issue. Mainly I don't understand how it relates with the "regular" XWiki development process. Any help will be welcome!

All the best,

Ricardo

-- 
Ricardo Rodríguez
Your XEN ICT Team