Re: [xwiki-users] Antw: Re: support for LDAP over SSL

Hi Ricardo, Yes, 1-3. is correct. One of the features that I am proposing in JIRA-1079 is the (configurable) fallback authentication using the XWiki DB. My library was developed based on code of the ldap authentication plug-in from XWiki pre-1.0. I have not followed any changes in XWiki's ldap plug-in since then. I have added SSL binding to the LDAP Server later and added the code to the JIRA issue. The code checked in the JIRA issue is a suggestion for improvement of XWiki coming out of the community. It is a plug-in and therefore is fairly independent from the regular XWiki development and build process. By referencing xwiki.jar (and novell's ldap jar) you should be able to compile the sources that I provided. I have also added the class files. You are corret the last bug fixes I checked in in the mentioned attachment. If you haven't done before, before you go thorough compiling the plug-in try out the classes. See if you can handle the configuration. Regards, Gunter 04.10.2007 16:38 >>> Gunter Leeb wrote: to use the Hi Gunter, Thanks for jumping in here! Please, let me sum up what I am understanding while dealing with ldap authentication. 1. XE includes a ldap authentication class (ldap-UNKNOWN.jar) which we can not use simultaneously with XWiki DB. If I activate ldap authentication (xwiki.authentication.ldap=1), XWiki DB won't be asked for the existence of a given user. 2. With JIRA-1079 classes it is possible to use ldap authentication and XWiki DB: if ldap fails to authenticate an user, XWiki will check its database before rejecting the login. 3. JIRA-1079 classes support SSL binding with ldap servers. From here, please, *what is the JIRA-1079 class **most updated release **supporting SSL binding? *Is it http://jira.xwiki.org/jira/secure/attachment/11160/LDAPAuthenticater.java date on June 18th, 2007? Please, what do we need to compile it? I've gone ahead and updated to 1.2M1. I am not able to bind to our eDirectory server. I've not used SSL before, so I don't remember how could I connect to an eDirectory server without confidenciality until now. But it worked. Please, do you know if this is possible and how? Thanks. Sorry if I have not skills enough as to follow the JIRA-1079 issue. Mainly I don't understand how it relates with the "regular" XWiki development process. Any help will be welcome! All the best, Ricardo -- Ricardo Rodríguez Your XEN ICT Team ------------------------------------------------------------------------------- Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. -------------------------------------------------------------------------------