Hello,
Currently we have LDAP authentication for our XWIKI users. I am trying to
implement XWiki Authenticator Trusted LDAP with it.
I did the following:
1. Added jar file into WEB-INF/lib folder
2. Modified xwiki.cfg :
2.1. Replaced
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
with
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.AppServerTrustedAuthServiceImpl
If I replace the line with
xwiki.authentication.authclass=com.xwiki.authentication.trustedldap.TrustedLDAPAuthServiceImpl,
my xwiki doesn’t run at all with an error LDAP.XWikiLDAPAuthServiceImpl not
found.
2.2. I still have all configuration in place for LDAP, and I have added the
lines according to the recommendations:
#-# A Java regexp used to parse the remote user provided by JAAS
xwiki.authentication.trustedldap.remoteUserParser=(.+)(a)(.+)
#-# Indicate which of the regexp group correspond to which LDAP properties
#-# The following LDAP properties are supported:
#-# login, password, ldap_server, ldap_base_DN, ldap_bind_DN,
ldap_bind_pass
#
#xwiki.authentication.trustedldap.remoteUserMapping.1=login
#xwiki.authentication.trustedldap.remoteUserMapping.2=ldap_server,ldap_base_DN,ldap_bind_DN,ldap_bind_pass
xwiki.authentication.trustedldap.remoteUserMapping.1=
xwiki.authentication.trustedldap.remoteUserMapping.2=our data here
#-# Indicate how to convert each found property
#xwiki.authentication.trustedldap.remoteUserMapping.ldap_server=MYDOMAIN=my.domain.com|MYDOMAIN2=my.domain2.com
#xwiki.authentication.trustedldap.remoteUserMapping.ldap_base_DN=MYDOMAIN=dc=my,dc=domain,dc=com|MYDOMAIN2=dc=my,dc=domain2,dc=com
#xwiki.authentication.trustedldap.remoteUserMapping.ldap_bind_DN=MYDOMAIN=cn=bind,dc=my,dc=domain,dc=com|MYDOMAIN2=cn=bind,dc=my,dc=domain2,dc=com
#xwiki.authentication.trustedldap.remoteUserMapping.ldap_bind_pass=MYDOMAIN=password|MYDOMAIN2=password2
xwiki.authentication.trustedldap.remoteUserMapping.ldap_server=MYDOMAIN=domain_name1.ds.domain.ca|MYDOMAIN2=domain_name2.ds.somain.ca
xwiki.authentication.trustedldap.remoteUserMapping.ldap_base_DN=MYDOMAIN=dc=
domain_name1,dc=ds,dc=domain,dc=ca|MYDOMAIN2=dc=domain_name2,dc=ds,dc=domain,dc=ca
xwiki.authentication.trustedldap.remoteUserMapping.ldap_bind_DN=MYDOMAIN=cn=bind,dc=domain_name1,dc=ds,dc=domain,dc=ca|MYDOMAIN2=cn=bind,dc=
domain_name2,dc=ds,dc=domain,dc=ca
xwiki.authentication.trustedldap.remoteUserMapping.ldap_bind_pass=MYDOMAIN=password|MYDOMAIN2=password
My questions:
1. What are xwiki.authentication.trustedldap.remoteUserMapping.1 and
xwiki.authentication.trustedldap.remoteUserMapping.2 ? Should I have those 2
lines for both domains? Also, I confused with parameters: login,
ldap_server, ldap_base_DN, ldap_bind_DN, ldap_bind_pass.
Login – I do not know what to use, have empty.
ldap_server – enter the same as for xwiki.authentication.ldap.server.
ldap_base_DN – enter the same as for xwiki.authentication.ldap.base_DN,
ldap_bind_DN – enter the same as for xwiki.authentication.ldap.bind_DN, ,
ldap_bind_pass – entart the same as for xwiki.authentication.ldap.bind_pass
2. Should I keep MYDOMAIN, MYDOMAIN1, MYDOMAIN2 words or replace it with
some actual names? If ‘Yes’ – what names? Should I replace bind with some
actual data? What is that?
3. Could you please provide more explanations how to implement this trusted
domain authentication and provide the whole part of LDAP authentication of
xwiki.cfg file?
Now, after modifications, our LDAP authentication is broken and trusted
domain authentication doesn’t work.
Thank you,
Galina
--
View this message in context:
http://xwiki.475771.n2.nabble.com/XWiki-Authenticator-Trusted-LDAP-tp758908…
Sent from the XWiki- Users mailing list archive at
Nabble.com.