12 Jan
2009
12 Jan
'09
5:11 p.m.
Hi guys,
I'm very enthusiastic about getting everything out of the XWiki
environment I'm about to set up for my company. As a matter of fact,
right now I'm thinking about the best solution for getting Kerberos
authentication/authorization to work as all 12000 employees are
already part of the company's Active Directory.
I've read the XWiki article about Auth issues and am now thinking
about what would be the best/easiest/strongest solution.
The solution mentioned in the Wiki wants to use Apache Webserver mit
mod_auth_kerb. As for now, I did not succeed in building a working
mod_auth_kerb module for Win32, which somehow disencourages me to
follow this suggestion. Anyway I wonder, whether I would only be able
to authenticate users or whether there would be a way to have XWikis
builtin auth features cooperate with the Kerberos mechanism. The I
just came across "josso" which seems to a framework which can be
deployed into a JBoss Application Server and work as an authentication
gateway to any josso-enabled applications running on JBoss. Is XWiki
capable of doing this? And the question about XWikis auth mechanism
from before remains. Any other suggestions and hints for such are
scenario from you guys are highly appreciated , since the whole
AD/Kerberos/JBoss stuff is rather new to me. Again, many thanx in
advance for any potential reply on this, it's really important to me.
Cheers,
Sebastian
12 Jan
12 Jan
7:13 p.m.
New subject: [xwiki-users] XWiki+JBoss+SSO Kerberos (Active Directory) on Windows Server 2003
Hi,
If you setup an authentication which correctly sets the REMOTE_USER
field then you should be able to use it with XWiki. You can then use the
AppServerTrustedAuthentication module to accept your user and create
it's user page. You can activate it using this in xwiki.cfg
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.AppServerTrustedAuthServiceImpl
Implementing XWiki in Kerberos itself is a lot of work and not really
usefull since you can have it in Apache or the App server.
Ludovic
Sebastian Kannengiesser a écrit :
Hi guys,
I'm very enthusiastic about getting everything out of the XWiki
environment I'm about to set up for my company. As a matter of fact,
right now I'm thinking about the best solution for getting Kerberos
authentication/authorization to work as all 12000 employees are
already part of the company's Active Directory.
I've read the XWiki article about Auth issues and am now thinking
about what would be the best/easiest/strongest solution.
The solution mentioned in the Wiki wants to use Apache Webserver mit
mod_auth_kerb. As for now, I did not succeed in building a working
mod_auth_kerb module for Win32, which somehow disencourages me to
follow this suggestion. Anyway I wonder, whether I would only be able
to authenticate users or whether there would be a way to have XWikis
builtin auth features cooperate with the Kerberos mechanism. The I
just came across "josso" which seems to a framework which can be
deployed into a JBoss Application Server and work as an authentication
gateway to any josso-enabled applications running on JBoss. Is XWiki
capable of doing this? And the question about XWikis auth mechanism
from before remains. Any other suggestions and hints for such are
scenario from you guys are highly appreciated , since the whole
AD/Kerberos/JBoss stuff is rather new to me. Again, many thanx in
advance for any potential reply on this, it's really important to me.
Cheers,
Sebastian
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Ludovic Dubost
Blog: http://blog.ludovic.org/
XWiki: http://www.xwiki.com
Skype: ldubost GTalk: ldubost
14 Jan
14 Jan
4:38 a.m.
New subject: [xwiki-users] XWiki+JBoss+SSO Kerberos (Active Directory) on Windows Server 2003
Ludovic Dubost wrote:
Hi,
If you setup an authentication which correctly sets the REMOTE_USER
field then you should be able to use it with XWiki. You can then use the
AppServerTrustedAuthentication module to accept your user and create
it's user page. You can activate it using this in xwiki.cfg
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.AppServerTrustedAuthServiceImpl
Implementing XWiki in Kerberos itself is a lot of work and not really
usefull since you can have it in Apache or the App server.
<fsfRant>
Why not drop Windows? It's a crappy product, and there's no reason why
you should keep it. This way you'll be able to use mod_auth_kerb.
</fsfRant>
Sebastian Kannengiesser a écrit :
> Hi guys,
>
> I'm very enthusiastic about getting everything out of the XWiki
> environment I'm about to set up for my company. As a matter of fact,
> right now I'm thinking about the best solution for getting Kerberos
> authentication/authorization to work as all 12000 employees are
> already part of the company's Active Directory.
>
> I've read the XWiki article about Auth issues and am now thinking
> about what would be the best/easiest/strongest solution.
> The solution mentioned in the Wiki wants to use Apache Webserver mit
> mod_auth_kerb. As for now, I did not succeed in building a working
> mod_auth_kerb module for Win32, which somehow disencourages me to
> follow this suggestion. Anyway I wonder, whether I would only be able
> to authenticate users or whether there would be a way to have XWikis
> builtin auth features cooperate with the Kerberos mechanism. The I
> just came across "josso" which seems to a framework which can be
> deployed into a JBoss Application Server and work as an authentication
> gateway to any josso-enabled applications running on JBoss. Is XWiki
> capable of doing this? And the question about XWikis auth mechanism
> from before remains. Any other suggestions and hints for such are
> scenario from you guys are highly appreciated , since the whole
> AD/Kerberos/JBoss stuff is rather new to me. Again, many thanx in
> advance for any potential reply on this, it's really important to me.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
10:41 a.m.
I would not consider using Windows for a second if I had a chance to
take something different. But as a matter of fact, my company enforces
me to set things up on Windows. Thnaks anyway. Any other suggestions
from the Windows people, if there are any? Thanks again in advance.
Cheers
Sebastian
<fsfRant>
Why not drop Windows? It's a crappy product, and there's no reason why
you should keep it. This way you'll be able to use mod_auth_kerb.
</fsfRant>
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
5821
days inactive
5823
days old
3 comments
3 participants
participants (3)
-
Ludovic Dubost -
Sebastian Kannengiesser -
Sergiu Dumitriu