W dniu 10-10-12 11:41, Thomas Mortagne wrote:
On Tue, Oct 12, 2010 at 11:12, Piotr
Dziubecki<deepres(a)man.poznan.pl> wrote:
Hi,
I'm testing the ldap features of xwiki and have a question regarding importing
/registering new user.
I managed to setup ldap authentication with user import and group mapping. The question
is connected with
this configuration flag:
#-# Specifies the LDAP attribute containing the identifier to be used as the XWiki name
(default=cn)
xwiki.authentication.ldap.UID_attr=mail
What I would achieve is a user authentication with his mail/password ( which is pretty
common nowadays ).
It works with ldap and after a successful authentication with i.e.
mail = bruno(a)7cogs.com,
a new user is created with the following value:
username = bruno@7cogscom
I assume that the 'dot' is not allowed to be used in the username string ?
It's not really a user name limitation but the fact that the user id
is the user profile page name which not does yet fully support dot.
In my scenario there will be also a need for registering new users in a traditional
(xwiki ) way but it
seems to be impossible to provide a mail as a username ( even though the client side
validation seems to not
complain about that initially ):
Invalid username provided. Please use only letters from the latin alphabet, numbers, and
the underscore
character.
That's because the UI to create users is over precautionnous and does
not allow anny "special" character.
Do you really need your "normal" XWiki user name to contain a @ ?
Not
really, what I want is to have a possibility to choose a field against which user can
authenticate
himself ( of course, I understand that not every field is unique but email meets that
requirement ).
Do you have any clues how to achieve that ? maybe it's possible to set a flag in
xwiki config similar to the
ldap solution ( identifier to be used as the XWiki name )..
If what you want is to create a XWiki user and then link it to LDAP,
the user id does not really matter. All you have to do is to add the
same object LDAP users have and provide the proper uid and DN in that
object.
That is a solution, but in my case i have different users, one group with their user
credentials stored in
the LDAP and another group which will exist only in Wiki. For both of them I would like to
have a uniform
authentication policy ( mail/password ). Currently this method is the most popular one (
google, facebook
etc. ) and this is the reason of my queries.
Regards,
Piotr