Hi, On Fri, Dec 18, 2009 at 11:19, Fabio Puglisi <[email protected]> wrote: > > > Hi, > > I'm trying to configure my xwiki installation to authenticate users > using Microsoft Active Directory. > > If I try to login the result is a continuous reload of the login page > without error message. > > No error message in log files too.
See http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLDAPdebuglog to enable debug log and see what LDAP authenticator is exactly doing and what issue it has. > > Our login standard use dot between First name and Last name (eg: > fabio.puglisi), could be this a problem? No, LDAP authenticator is supposed to support dots. > > > > Anyone can help me? > > > > Thanks > > > > Here my wiki.cfg > > #----------------------------------------------------------------------- > -------------- > > # LDAP > > #----------------------------------------------------------------------- > -------------- > > > > #-# new LDAP authentication service > > xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAut > hServiceImpl > > > > #-# Turn LDAP authentication on - otherwise only XWiki authentication > > > > xwiki.authentication.ldap=1 > > > > #-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.) > > xwiki.authentication.ldap.server=10.239.1.169 > > xwiki.authentication.ldap.port=389 > > > > #-# LDAP login, empty = anonymous access, otherwise specify full dn > > #-# {0} is replaced with the username, {1} with the password > > xwiki.authentication.ldap.bind_DN=ldaptest\\administrator > > xwiki.authentication.ldap.bind_pass=Password > > > > #-# Force to check password after LDAP connection > > #-# 0: disable > > #-# 1: enable > > xwiki.authentication.ldap.validate_password=0 > > > > #-# only members of the following group will be verified in the LDAP > > #-# otherwise only users that are found after searching starting from > the base_DN > > xwiki.authentication.ldap.user_group=cn=Users > > > > #-# [Since 1.5RC1, XWikiLDAPAuthServiceImpl] > > #-# only users not member of the following group can autheticate > > # > xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c= > US > > > > #-# base DN for searches > > xwiki.authentication.ldap.base_DN=dc=ldaptest,dc=semplatest,dc=local > > > > #-# Specifies the LDAP attribute containing the identifier to be used as > the XWiki name (default=cn) > > xwiki.authentication.ldap.UID_attr=sAMAccountName > > > > #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] > > #-# Specifies the LDAP attribute containing the password to be used > "when xwiki.authentication.ldap.validate_password" is set to 1 > > xwiki.authentication.ldap.password_field=userPassword > > > > #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] > > #-# The potential LDAP groups classes. Separated by commas. > > # > xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUnique > Names,dynamicGroup,dynamicGroupAux,groupWiseDistributionList > > > > #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] > > #-# The potential names of the LDAP groups fields containings the > members. Separated by commas. > > xwiki.authentication.ldap.group_memberfields=member,uniqueMember > > > > #-# retrieve the following fields from LDAP and store them in the XWiki > user object (xwiki-attribute=ldap-attribute) > > xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=s > n,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# on every login update the mapped attributes from LDAP to XWiki > otherwise this happens only once when the XWiki account is created. > > xwiki.authentication.ldap.update_user=1 > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# mapps XWiki groups to LDAP groups, separator is "|" > > > xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=Adminis > trators > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# time in s after which the list of members in a group is refreshed > from LDAP (default=3600*6) > > # xwiki.authentication.ldap.groupcache_expiration=21800 > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# - create : synchronize group membership only when the user is first > created > > #-# - always: synchronize on every login > > xwiki.authentication.ldap.mode_group_sync=always > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# if ldap authentication fails for any reason, try XWiki DB > authentication with the same credentials > > xwiki.authentication.ldap.trylocal=0 > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# SSL connection to LDAP server > > #-# 0: normal > > #-# 1: SSL > > xwiki.authentication.ldap.ssl=0 > > > > #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl] > > #-# The keystore file to use in SSL connection > > # xwiki.authentication.ldap.ssl.keystore= > > > > #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl] > > #-# The java secure provider used in SSL connection > > # > xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.s > sl.Provider > > > Le informazioni contenute in questo messaggio sono riservate e confidenziali > ed e vietata le diffusione in qualunque modo eseguita. Qualora Lei non fosse > la persona a cui il presente messaggio e destinato, La invitiamo ad > eliminarlo e a non leggerlo, dandocene gentilmente comunicazione. Per > qualsiasi informazione si prega di contattare ([email protected]). Rif. > D.L. 196/2003 > > This e-mail (including attachments) is intended only for the recipient(s) > named above. It may contain confidential or privileged information and should > not be read, copied or otherwise used by any other person. If you are not the > named recipient, please contact ([email protected]) and delete the > e-mail from your system. Rif. D.L. 196/2003. > > > > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs > -- Thomas Mortagne _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
