[
http://jira.xwiki.org/jira/browse/XWIKI-1079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_22349
]
Jimmy Champion commented on XWIKI-1079:
---------------------------------------
Thomas,
Thanks for the update. I will attempt to add the patch and test it out against
my LDAP configuration. Unfortunately, I'm not an LDAP expert either :(.
I had another question that I will post here, but probably belongs elsewhere.
Why won't XWiki allow usernames to contain a period, (i.e. firstname.lastname)?
My client uses a naming convention similar to this for their usernames, so it
is important that we carry over support for this in the Wiki product we choose.
Browsing through the source code I have noticed that you check to see if the
username begins with "XWiki.".
Instead of checking to see if there is a period in the username, could the code
be modified to be more specific. For example, instead of:
userName.indexOf(".");
could this code be modifed to something like:
if(userName.beginsWith("XWiki.")) { ... }
Obviously, I am new to XWiki so there is probably a good reason for this
restriction on usernames, but I was just hoping to get some clarification and
possibly a workaround so we can support our client's needs.
Thanks again for all of your help.
Jimmy
> LDAP Authentication
> -------------------
>
> Key: XWIKI-1079
> URL: http://jira.xwiki.org/jira/browse/XWIKI-1079
> Project: XWiki Platform
> Issue Type: Improvement
> Components: Admin, Authentication and Rights Management, Plugin -
> Other, Wiki features
> Affects Versions: 1.0 B6
> Reporter: Gunter Leeb
> Assigned To: Sergiu Dumitriu
> Fix For: 1.3 M2
>
> Attachments: 20080207-new_ldap_auth.patch, ldap.zip,
> LDAPAuthenticater.class, LDAPAuthenticater.java, LDAPAuthenticater.java,
> LDAPAuthenticater.java, new_ldap_auth.patch, ssl.zip, XWiki.zip
>
>
> I have finished the implementation of a substitude LDAP authentication class.
> The new features and changes:
> - Separate LDAP login and authentication validation
> - An LDAP group membership is first checked before a user can be
> authenticated against LDAP
> - LDAP Groups are handled recursivly (groups in groups)
> - LDAP Groups and their members are cached with an expiration
> - LDAP attributes can update XWiki user attributes configurable at create
> time or on every login
> - LDAP group membership can be sync'ed with XWiki group membership
> - If authentication with LDAP fails it still will try to authenticate against
> the XWiki DB
> - detailed comments in xwiki.cfg
> - pretty much every detail of the behavior can be configured in xwiki.cfg
> - as far as I can see, all valuable features from the old LDAPAuthServiceImpl
> are reimplemented (except for LDAP bind being sufficent for login implemented
> by the check_level configuration)
> - I have tried to implement all the feature requests about LDAP that I have
> heard about
> - any LDAP attribute can be used containing the XWiki name
> Known Issues:
> - joining an XWiki group or removing someone from a group does not appear to
> work correctly
> - creating a user appears incomplete to me
> I tested against OpenLDAP and Novell eDirectory.
> I would like to ask for a code-read, verification of how the module is using
> the XWiki APIs and testing in various environments.
> Most of all, I am looking for feedback.
> This is not a final version!
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.xwiki.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
notifications mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/notifications
