18 Mar
2008
18 Mar
'08
8 p.m.
Hi Benjamin
here is our xwiki.cfg file. Superuser hasn't any problem with wysiwyg
editing, it's only AD users problem.
Frantisek
******************
xwiki.base=../../
xwiki.store.class=com.xpn.xwiki.store.XWikiHibernateStore
xwiki.store.hibernate.path=/WEB-INF/hibernate.cfg.xml
xwiki.store.hibernate.updateschema=1
xwiki.store.hibernate.custommapping=1
xwiki.store.cache=1
xwiki.store.cache.capacity=100
xwiki.store.migration=1
xwiki.monitor=1
# List of active plugins.
xwiki.plugins=\
com.xpn.xwiki.monitor.api.MonitorPlugin,\
com.xpn.xwiki.plugin.calendar.CalendarPlugin,\
com.xpn.xwiki.plugin.feed.FeedPlugin,\
com.xpn.xwiki.plugin.ldap.LDAPPlugin,\
com.xpn.xwiki.plugin.google.GooglePlugin,\
com.xpn.xwiki.plugin.flickr.FlickrPlugin,\
com.xpn.xwiki.plugin.mail.MailPlugin,\
com.xpn.xwiki.plugin.packaging.PackagePlugin,\
com.xpn.xwiki.plugin.query.QueryPlugin,\
com.xpn.xwiki.plugin.svg.SVGPlugin,\
com.xpn.xwiki.plugin.charts.ChartingPlugin,\
com.xpn.xwiki.plugin.fileupload.FileUploadPlugin,\
com.xpn.xwiki.plugin.image.ImagePlugin,\
com.xpn.xwiki.plugin.captcha.CaptchaPlugin,\
com.xpn.xwiki.plugin.userdirectory.UserDirectoryPlugin,\
com.xpn.xwiki.plugin.usertools.XWikiUserManagementToolsImpl,\
com.xpn.xwiki.plugin.zipexplorer.ZipExplorerPlugin,\
com.xpn.xwiki.plugin.autotag.AutoTagPlugin,\
com.xpn.xwiki.plugin.lucene.LucenePlugin,\
com.xpn.xwiki.plugin.diff.DiffPlugin,\
com.xpn.xwiki.plugin.rightsmanager.RightsManagerPlugin,\
com.xpn.xwiki.plugin.jodatime.JodaTimePlugin,\
com.xpn.xwiki.plugin.scheduler.SchedulerPlugin,\
com.xpn.xwiki.plugin.mailsender.MailSenderPlugin,\
com.xpn.xwiki.plugin.watchlist.WatchListPlugin
# This parameter allows XWiki to operate in Hosting mode allowing to create
# multiple wikis having their own database and responding to different URLs
xwiki.virtual=0
xwiki.virtual.redirect=http://127.0.0.1:9080/xwiki/bin/Main/ThisWikiDoesNotExist
# This parameter will activate the eXo Platform integration
xwiki.exo=0
xwiki.authentication=form
xwiki.authentication.validationKey=totototototototototototototototo
xwiki.authentication.encryptionKey=titititititititititititititititi
xwiki.authentication.cookiedomains=xwiki.com,wiki.fr
# Comment if you want to enable logout only for
/bin/logout/XWiki/XWikiLogout
xwiki.authentication.logoutpage=/[^/]+/logout/*
# Stats configuration allows to globally activate/deactivate stats module
# It is also possible to choose a different stats service to record
# statistics separately from XWiki.
# Note: Statistics are disabled by default for improved performances.
xwiki.stats=0
xwiki.stats.default=1
xwiki.stats.class=com.xpn.xwiki.stats.impl.XWikiStatsServiceImpl
xwiki.encoding=UTF-8
xwiki.backlinks=1
xwiki.tags=1
# Use edit comments
xwiki.editcomment=1
# Hide editcomment field and only use Javascript
xwiki.editcomment.hidden=0
# Make edit comment mandatory
xwiki.editcomment.mandatory=0
# Make edit comment suggested (asks 1 time if the comment is empty.
# 1 shows one popup if comment is empty.
# 0 means there is no popup.
# This setting is ignored if mandatory is set
xwiki.editcomment.suggested=0
# GraphViz plugin configuration. The GraphViz plugin is not configured by
default.
# To enable it, add "com.xpn.xwiki.plugin.graphviz.GraphVizPlugin" to the
list of plugins
# in the xwiki.plugins property.
# Uncomment and set the locations of the Dot and Neato executables
#xwiki.plugin.graphviz.dotpath=c:/Program Files/ATT/GraphViz/bin/dot.exe
#xwiki.plugin.graphviz.neatopath=c:/Program Files/ATT/GraphViz/bin/neato.exe
xwiki.plugin.laszlo.baseurl=/openlaszlo/xwiki/
xwiki.plugin.laszlo.path=c:/Program Files/Apache Software Foundation/Tomcat
5.0/webapps/openlaszlo/xwiki/
xwiki.plugin.image.cache.capacity=30
xwiki.plugin.captcha=0
# Enable to allow superadmin. It is disabled by default as this could be a
security breach if
# it were set and you forgot about it.
xwiki.superadminpassword=system
#-------------------------------------------------------------------------------------
# LDAP
#-------------------------------------------------------------------------------------
#-# new LDAP authentication service
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0 : disable
#-# 1 : enable
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
xwiki.authentication.ldap.server=10.0.1.2
xwiki.authentication.ldap.port=389
#-# LDAP login, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the username, {1} with the password
xwiki.authentication.ldap.bind_DN=CHEMOSVIT\\{0}
xwiki.authentication.ldap.bind_pass={1}
#-# only members of the following group will be verified in the LDAP
# otherwise only users that are found after searching starting from the
base_DN
xwiki.authentication.ldap.user_group=cn=XWikiUsers,ou=XWikiGroups,ou=groups,dc=chemosvit,dc=SK
#-# base DN for searches
xwiki.authentication.ldap.base_DN=dc=chemosvit,dc=sk
#-# specifies the LDAP attribute containing the identifier to be used as the
XWiki name (default=cn)
xwiki.authentication.ldap.UID_attr=sAMAccountName
#-# retrieve the following fields from LDAP and store them in the XWiki user
object (xwiki-attribute=ldap-attribute)
#-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object for
faster access
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# on every login update the mapped attributes from LDAP to XWiki otherwise
this happens only once when the XWiki account is created.
xwiki.authentication.ldap.update_user=1
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# mapps XWiki groups to LDAP groups, separator is "|"
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=XWikiAdmin,ou=XWikiGroups,ou=Groups,dc=chemosvit,dc=sk|\
#
XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# time in s after which the list of members in a group is refreshed from
LDAP (default=3600*6)
# xwiki.authentication.ldap.groupcache_expiration=21800
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# - create : synchronize group membership only when the user is first
created
#-# - always: synchronize on every login
# xwiki.authentication.ldap.mode_group_sync=always
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# if ldap authentication fails for any reason, try XWiki DB authentication
with the same credentials
xwiki.authentication.ldap.trylocal=0
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# SSL connection to LDAP server
#-# 0 : normal
#-# 1 : SSL
# xwiki.authentication.ldap.ssl=0
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# The keystore file to use in SSL connection
# xwiki.authentication.ldap.ssl.keystore=
#-------------------------------------------------------------------------------------
xwiki.authentication.unauthorized_code=200
# This parameter will activate the sectional editing
xwiki.section.edit=1
# Uncomment if you want to ignore requests for unmapped actions, and simply
display the document
# xwiki.unknownActionResponse=view
# You can configure the toolbars you wish to see in the WYSIWYG editor by
defining the
# xwiki.wysiwyg.toolbars property.
# When not defined it defaults to:
# xwiki.wysiwyg.toolbars=texttoolbar, listtoolbar, indenttoolbar,
undotoolbar, titletoolbar, \
# styletoolbar, horizontaltoolbar,
attachmenttoolbar, macrostoolbar, \
# tabletoolbar, tablerowtoolbar, tablecoltoolbar,
linktoolbar
# The full list of toolbars includes the one defined above and the following
ones:
# subtoolbar, findtoolbar, symboltoolbar
xwiki.defaultskin=toucan
xwiki.defaultbaseskin=albatross
xwiki.temp.dir=/tmp/xwiki
# xwiki.work.dir=/usr/local/xwiki
# xwiki.plugins.lucene.indexdir=/usr/local/xwiki/lucene
#
xwiki.plugins.lucene.analyzer=org.apache.lucene.analysis.standard.StandardAnalyzer
# xwiki.plugins.lucene.indexinterval=20
xwiki.work.dir=/docudata/xwiki
Benjamin Leung-2 wrote:
Hi Frantisek,
Would you mind sharing the LDAP section of your xwiki.cfg? Because I want
to confirm something...
In my LDAP/AD configuration, I have to set the --
xwiki.authentication.ldap.user_group -- value to make it work (contrary to
what the parameter description says).
Thanks!
On Mon, Mar 17, 2008 at 5:08 PM, Frantisek Kall <kaferos(a)gmail.com> wrote:
--
View this message in context:
http://www.nabble.com/Problem-with-AD-authentication-in-XWiki-1.3-tp1608997…
Sent from the XWiki- Users mailing list archive at Nabble.com.
I started discussion below. There is something
new in this case. First
I have to say that I made mistake when I wrote we tested ver. 1.2 and
it works with AD well. Working version was 1.1.2 not 1.2.
And also now we have ver. 1.3 working with AD authentication. We
don't know what helped, but my colleague who installed it, tried it
once more, set all things as before and it works. New user is created
in XWikiAllGroup :-)
But I noticed problem with editing :-( In wiki mode editing is OK,
but when I switch to WYSIWYG mode I'm logged out immediately (I
receive Log-in screen). We are working on it, when I will have
something new I'll report it.
Frantisek
***************
Date: Mon, 17 Mar 2008 21:19:18 +0200
From: Mihails Agafonovs <_muxa(a)inbox.lv>
Subject: Re: [xwiki-users] Problem with AD authentication in XWiki 1.3
To: XWiki Users <users(a)xwiki.org>
Message-ID: <1205781558.47dec436a4896(a)www.inbox.lv>
Content-Type: text/plain; charset="windows-1257"
No, it doesn't.
Quoting Thomas Mortagne : On Mon, Mar 17, 2008 at 3:43 PM, Mihails
Agafonovs wrote:
You can try to specify the base_DN (for me it worked). //
base_DN=dc=domain,dc=com
You're also using sAMAccountName. What format does it have?
name.surname?
In our company our sAMAccountName is like name.surname, and it
doesn't work
with XWiki. So I've changed UID_attr to cn.
P.S. I still use version 1.1.2, because it's the only version
working
properly with AD (user is created in XWikiAllGroup). No other
version is
working in my case :)
The new LDAP authenticator (since 1.3) works perfectly with that and
also add group mapping between XWiki and LDAP.
Quoting Frantisek Kall :
A month ago we tested 1.2 ver. XWiki and there wasn't problem to set
up
Active Directory authentication. Now we are going to start XWiki for
enterprise use and we had a problem to setup AD authentication with
1.3 ver.
Can anybody help us?
Frantisek Kall
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users