Hi Thomas, If XWiki supports JAAS for authentication, it would be cool, solving also other issue that we had with authentication. I just found information on the internet that jetty supports JAAS. z.B. http://docs.codehaus.org/display/JETTY/JAAS Looking at this description, the integration appears to be reasonably easy and the LDAP Security Componente should be able to be rewritten as a JAAS LDAPLoginModule. You may not even need to do any changes to the datastructructures. Although, I havn't found yet how the mentioned chaining of authentication providers might work in Jetty. Could this still be a XWiki 1.0 feature? Gunter
"THOMAS, BRIAN M (ATTSI)" <[email protected]> 23.03.2007 19:59:44 >>>
Currently, XWiki allows only one method of authentication to be enabled. This means that using LDAP disables the normal XWiki users. This is an error in the architecture, and I vote for changing this. Instead of using only one authentication/rights mechanism, we should have a list. When trying to authenticate a user, all the registered authenticators should be used, until at least one correctly identifies the user. This should be better planned, so that in the future no other changes should be made. Sergiu You have just described JAAS. ------------------------------------------------------------------------------- Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. -------------------------------------------------------------------------------