Re: [xwiki-users] LDAP Auth again
It means it will be replaced at runtime and it's usually the safest (avoid putting clear password in a file) if the users are allowed to search in the LDAP repository. Note that you have various example for more precise use cases in http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/UseCases/. On Wed, Mar 15, 2017 at 10:07 PM, Douglas Landau <dougl...@westmarine.com> wrote: > What does this mean? > #-# LDAP credentials, empty = anonymous access, otherwise specify full dn > #-# {0} is replaced with the user name, {1} with the password > #xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP > #xwiki.authentication.ldap.bind_pass={1} > > Does this mean that {0} is going to be replaced at runtime, or that I should > replace it? > > Thanks > > > -Original Message- > From: users [mailto:users-boun...@xwiki.org] On Behalf Of Douglas Landau > Sent: Wednesday, March 15, 2017 1:44 PM > To: XWiki Users > Subject: Re: [xwiki-users] LDAP Auth again > > Hmm. I've set these two lines to: > > xwiki.authentication.ldap.bind_DN=cn={0},dc=westmarine,dc=net > xwiki.authentication.ldap.bind_pass={1} > > ... and still get a Java stacktrace surrounded by these: > > 2017-03-15 13:39:12,357 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] > DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't > try to authenticate, it probably means the user is in non logged mode. > 2017-03-15 13:39:12,357 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] > DEBUG x.c.l.XWikiLDAPAuthServiceImpl - XWikiUser: null > > I don't understand why the provided user is null. > > Does Anybody? I apologize for the dumb question. But I have no idea where > to go from here. > > Thanks > Doug > > > The information contained in this transmission may contain West Marine > proprietary, confidential and/or privileged information. It is intended only > for the use of the person(s) named above. If you are not the intended > recipient, you are hereby notified that any review, dissemination, > distribution or duplication of this communication is strictly prohibited. > If you are not the intended recipient, please contact the sender by reply > email and destroy all copies of the original message. To reply to our email > administrator directly, please send an email to netad...@westmarine.com. > > The information contained in this transmission may contain West Marine > proprietary, confidential and/or privileged > information. It is intended only for the use of the person(s) named above. > If you are not the intended recipient, you are > hereby notified that any review, dissemination, distribution or duplication > of this communication is strictly prohibited. > If you are not the intended recipient, please contact the sender by reply > email and destroy all copies of the original > message. To reply to our email administrator directly, please send an email > to netad...@westmarine.com. -- Thomas Mortagne
Re: [xwiki-users] LDAP Auth again
On Wed, Mar 15, 2017 at 8:56 PM, Douglas Landauwrote: > That's it, the LDAP authenticator is used as authenticator and you have what > is described on > http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Application/ > when you do to the administration -> LDAP. > >>If you think you configured LDAP authenticator with the right values and >>login still fail then you should do what is explained on >>>http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HEnableLDAPdebuglog >>and you will have all the details to see why it fails. > > Great! Thanks. Did so. Now I get a whole lot of copies of the 1st message > below: " The provided user is null. We don't try to authenticate, it > probably means the user is in non logged mode." You are not look in the right place. Authenticators are always called even when you are not yet logged so you get this message when you access the login page. LDAP authenticator just indicate that there is not much it can do here. Look at the big message below: > 2017-03-15 12:42:30,422 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConnection- Binding to LDAP server with > credentials login=[cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net] > Caused by: com.novell.ldap.LDAPException: Invalid Credentials Looks like the password you indicated in xwiki.authentication.ldap.bind_pass is wrong (since you explicitly indicated a bind_DN you need the corresponding password). > > But I did provide a user, in this line: > xwiki.authentication.ldap.bind_DN=cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net > > ...and I see that that line has been seen: > 2017-03-15 12:42:30,422 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConnection- Binding to LDAP server with > credentials login=[cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net] > 2017-03-15 12:42:30,537 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. > > > Was I suppose to specifiy the/a user on some other line? > Thanks > > - > 2017-03-15 12:42:30,231 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't > try to authenticate, it probably means the user is in non logged mode. > 2017-03-15 12:42:30,231 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > TRACE x.c.l.XWikiLDAPAuthServiceImpl - Starting LDAP authentication > 2017-03-15 12:42:30,232 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConfig- remoteUserParser: null > 2017-03-15 12:42:30,271 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConfig- ldap_group_classes: [groupofnames, > posixgroup, apple-group, groupofuniquenames, dynamicgroup, > groupwisedistributionlist, group, dynamicgroupaux] > 2017-03-15 12:42:30,271 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConfig- ldap_group_memberfields: > [uniquemember, memberuid, member] > 2017-03-15 12:42:30,382 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConnection- Connection to LDAP server > [pwsdc03.westmarine.net:389] > 2017-03-15 12:42:30,422 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG o.x.c.l.XWikiLDAPConnection- Binding to LDAP server with > credentials login=[cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net] > 2017-03-15 12:42:30,537 > [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. > org.xwiki.contrib.ldap.XWikiLDAPException: Error number 0 in 5: LDAP bind > failed with LDAPException. > at > org.xwiki.contrib.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:227) > at > org.xwiki.contrib.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:155) > at > org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:515) > at > org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:331) > at > org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:267) > at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:272) > at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:192) > at >
Re: [xwiki-users] LDAP Auth again
What does this mean? #-# LDAP credentials, empty = anonymous access, otherwise specify full dn #-# {0} is replaced with the user name, {1} with the password #xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP #xwiki.authentication.ldap.bind_pass={1} Does this mean that {0} is going to be replaced at runtime, or that I should replace it? Thanks -Original Message- From: users [mailto:users-boun...@xwiki.org] On Behalf Of Douglas Landau Sent: Wednesday, March 15, 2017 1:44 PM To: XWiki Users Subject: Re: [xwiki-users] LDAP Auth again Hmm. I've set these two lines to: xwiki.authentication.ldap.bind_DN=cn={0},dc=westmarine,dc=net xwiki.authentication.ldap.bind_pass={1} ... and still get a Java stacktrace surrounded by these: 2017-03-15 13:39:12,357 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2017-03-15 13:39:12,357 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - XWikiUser: null I don't understand why the provided user is null. Does Anybody? I apologize for the dumb question. But I have no idea where to go from here. Thanks Doug The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To reply to our email administrator directly, please send an email to netad...@westmarine.com. The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To reply to our email administrator directly, please send an email to netad...@westmarine.com.
Re: [xwiki-users] LDAP Auth again
Hmm. I've set these two lines to: xwiki.authentication.ldap.bind_DN=cn={0},dc=westmarine,dc=net xwiki.authentication.ldap.bind_pass={1} ... and still get a Java stacktrace surrounded by these: 2017-03-15 13:39:12,357 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2017-03-15 13:39:12,357 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - XWikiUser: null I don't understand why the provided user is null. Does Anybody? I apologize for the dumb question. But I have no idea where to go from here. Thanks Doug The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To reply to our email administrator directly, please send an email to netad...@westmarine.com.
Re: [xwiki-users] LDAP Auth again
Greets, I am getting the same results no matter what I set as the value for: xwiki.authentication.ldap.bind_DN=cn=sa-douglasl I see it says that LDAP auth failed for douglasl, which I don’t understand yet, but whu then is the XWikiUser null? Thanks 2017-03-15 13:13:03,767 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB 2017-03-15 13:13:03,775 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user [douglasl] 2017-03-15 13:13:03,775 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - XWikiUser: null 2017-03-15 13:13:04,304 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] TRACE x.c.l.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2017-03-15 13:13:04,304 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2017-03-15 13:13:04,304 [http://dwswiki9.westmarine.net:8080/xwiki/bin/get/TourCode/TourJson?xpage=plain=plain=XWiki.XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - XWikiUser: null Am I setting the wrong thing? Thanks The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To reply to our email administrator directly, please send an email to netad...@westmarine.com.
Re: [xwiki-users] LDAP Auth again
That's it, the LDAP authenticator is used as authenticator and you have what is described on http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Application/ when you do to the administration -> LDAP. >If you think you configured LDAP authenticator with the right values and login >still fail then you should do what is explained on >>http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HEnableLDAPdebuglog >and you will have all the details to see why it fails. Great! Thanks. Did so. Now I get a whole lot of copies of the 1st message below: " The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode." But I did provide a user, in this line: xwiki.authentication.ldap.bind_DN=cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net ...and I see that that line has been seen: 2017-03-15 12:42:30,422 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG o.x.c.l.XWikiLDAPConnection- Binding to LDAP server with credentials login=[cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net] 2017-03-15 12:42:30,537 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. Was I suppose to specifiy the/a user on some other line? Thanks - 2017-03-15 12:42:30,231 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2017-03-15 12:42:30,231 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE x.c.l.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2017-03-15 12:42:30,232 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG o.x.c.l.XWikiLDAPConfig- remoteUserParser: null 2017-03-15 12:42:30,271 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG o.x.c.l.XWikiLDAPConfig- ldap_group_classes: [groupofnames, posixgroup, apple-group, groupofuniquenames, dynamicgroup, groupwisedistributionlist, group, dynamicgroupaux] 2017-03-15 12:42:30,271 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG o.x.c.l.XWikiLDAPConfig- ldap_group_memberfields: [uniquemember, memberuid, member] 2017-03-15 12:42:30,382 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG o.x.c.l.XWikiLDAPConnection- Connection to LDAP server [pwsdc03.westmarine.net:389] 2017-03-15 12:42:30,422 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG o.x.c.l.XWikiLDAPConnection- Binding to LDAP server with credentials login=[cn=sa-douglasl,ou=SystemsEngineering,dc=westmarine,dc=net] 2017-03-15 12:42:30,537 [http://dwswiki9.westmarine.net:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. org.xwiki.contrib.ldap.XWikiLDAPException: Error number 0 in 5: LDAP bind failed with LDAPException. at org.xwiki.contrib.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:227) at org.xwiki.contrib.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:155) at org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:515) at org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:331) at org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:267) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:272) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:192) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:174) at com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:239) at org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl.checkAuth(XWikiLDAPAuthServiceImpl.java:163) at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3776) at org.xwiki.security.authorization.internal.XWikiCachingRightService.authenticateUser(XWikiCachingRightService.java:242) at org.xwiki.security.authorization.internal.XWikiCachingRightService.checkAccess(XWikiCachingRightService.java:272) at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3794) at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4844) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:364) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:210) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425) at
Re: [xwiki-users] LDAP Auth again
I never use the LDAP application myself but here is what I would do: * start XWiki * go to the admin and install "LDAP Application" (it's possible you have to click the "All remote extensions" blue button to see this extension) * modify the xwiki.cfg and copy/paste everything that can be found on http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/ among which you can find the following important parts: #-# LDAP authentication service xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl and #-# If ldap authentication fails for any reason, try XWiki DB authentication with the same credentials #-# - 0: disable #-# - 1: enable #-# The default is 0 xwiki.authentication.ldap.trylocal=1 since I want to access the administration even when the LDAP authenticator is not properly configured. * restart XWiki That's it, the LDAP authenticator is used as authenticator and you have what is described on http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Application/ when you do to the administration -> LDAP. If you think you configured LDAP authenticator with the right values and login still fail then you should do what is explained on http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HEnableLDAPdebuglog and you will have all the details to see why it fails. On Wed, Mar 15, 2017 at 4:20 AM, Douglas Landauwrote: > OK, now I'm -totally- confused. :-) I am looking for the LDAP > Application form. > > I started over with the standalone installer. > I installed the LDAP Authenticator using the built-in (pre-installed?) admin > application > I tried adding the LDAP settings found here to xwiki.cfg: > http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/ > Therefore I have "xwiki.authentication.ldap=1" > I also set a value/server-hostname for "xwiki.authentication.ldap.server=" > I left these two lines uncommented, hoping for anonymous LDAP binding, which > I am told we offer. > > xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP > xwiki.authentication.ldap.bind_pass={1} > > I have a value for "xwiki.authentication.ldap.base_DN=" > I stopped XWiki by pressing Control-C twice in the window in which I started > it using start_xwiki.sh, since I never got a prompt back. > I modified my xwiki.cfg but am not able to log in using LDAP. > I saw where it says "if you are not using the LDAP application, you will have > to redeploy". But I don’t know what that means or see it explained anywhere. > So I installed the LDAP Application. Version 9.2.3. The version of the > LDAP Authenticator is also 9.2.3. I installed XWiki 8.4.4. > I finally got to a known point! PHEW! I go to > here, from the LDAP Application page: > --- > Enabling LDAP authentication on a wiki > The LDAP application assumes LDAP is enabled as the main authenticator via > the bundled XWiki LDAP authenticator. If it's not the case, you will be > "welcomed" with the following warning message: > > ldap-authenticator-warning.png > > In the event you encounter this message, please report to Authenticator > documentation in order to enable the LDAP authenticator on your wiki. > > You need to make sure you have have the following in your xwiki.cfg file: > > xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl > since LDAP Application 8.3 or if you are using older version of the > application: > > xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl > Uncomment it and then restart XWiki. > - > > Okay Right ON. Now, it says "Since LDAP Application 8.3 or if you are > using an older version of the application." > This is confusing to me. Since 8.3 I ought to use that line, and also if I > am using an older version?!? OK, I'll try that, since I am using 9.2.3, and > it sounds like I ought be using that ever since 8.3. And I got Java errors > when I tried to start xwiki again. > Okay. I guess that is not going to work. I'll try the other line, the first > one suggested. That time I got no Java errors. > Now I have this: > xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl > > Okay. After setting that to that, I was able to start xwiki again. I > logged in as Admin and went to the LDAP Application. The page is titled > "LDAP Admin sheet". There is some whitespace. The in large font is the > work "Configuration". There is a pencil on the far right. Below that is the > word "Miscellaneous". Another pencil on the far right. Below that is a > button "Reset group cache". I pressed it. I then clicked the pencil to the > right of "Configuration". There is
[xwiki-users] LDAP Auth again
OK, now I'm -totally- confused. :-) I am looking for the LDAP Application form. I started over with the standalone installer. I installed the LDAP Authenticator using the built-in (pre-installed?) admin application I tried adding the LDAP settings found here to xwiki.cfg: http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/ Therefore I have "xwiki.authentication.ldap=1" I also set a value/server-hostname for "xwiki.authentication.ldap.server=" I left these two lines uncommented, hoping for anonymous LDAP binding, which I am told we offer. xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP xwiki.authentication.ldap.bind_pass={1} I have a value for "xwiki.authentication.ldap.base_DN=" I stopped XWiki by pressing Control-C twice in the window in which I started it using start_xwiki.sh, since I never got a prompt back. I modified my xwiki.cfg but am not able to log in using LDAP. I saw where it says "if you are not using the LDAP application, you will have to redeploy". But I don’t know what that means or see it explained anywhere. So I installed the LDAP Application. Version 9.2.3. The version of the LDAP Authenticator is also 9.2.3. I installed XWiki 8.4.4. I finally got to a known point! PHEW! I go to here, from the LDAP Application page: --- Enabling LDAP authentication on a wiki The LDAP application assumes LDAP is enabled as the main authenticator via the bundled XWiki LDAP authenticator. If it's not the case, you will be "welcomed" with the following warning message: ldap-authenticator-warning.png In the event you encounter this message, please report to Authenticator documentation in order to enable the LDAP authenticator on your wiki. You need to make sure you have have the following in your xwiki.cfg file: xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl since LDAP Application 8.3 or if you are using older version of the application: xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl Uncomment it and then restart XWiki. - Okay Right ON. Now, it says "Since LDAP Application 8.3 or if you are using an older version of the application." This is confusing to me. Since 8.3 I ought to use that line, and also if I am using an older version?!? OK, I'll try that, since I am using 9.2.3, and it sounds like I ought be using that ever since 8.3. And I got Java errors when I tried to start xwiki again. Okay. I guess that is not going to work. I'll try the other line, the first one suggested. That time I got no Java errors. Now I have this: xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl Okay. After setting that to that, I was able to start xwiki again. I logged in as Admin and went to the LDAP Application. The page is titled "LDAP Admin sheet". There is some whitespace. The in large font is the work "Configuration". There is a pencil on the far right. Below that is the word "Miscellaneous". Another pencil on the far right. Below that is a button "Reset group cache". I pressed it. I then clicked the pencil to the right of "Configuration". There is nothing there. Where is the form I see on this page: http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Application/ ??? I see no error msgs or guidance of any sort going to the window in which I started xwiki. I still can't log in using LDAP credentials. OK Now I've uncommeted out these two lines and removed their values: xwiki.authentication.ldap.bind_DN= xwiki.authentication.ldap.bind_pass= Same story. Maybe I'll give up on anonymous binding. OK, now I've filled those in. I've restarted and same story - cant auth using LDAP and can't find the form, just a pencil on the LDAP Admin sheet. Not sure what to do next except start over with XWiki 9. Guess I'll get that going in another VM. Help? Thanks. The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To reply to our email administrator directly, please send an email to netad...@westmarine.com.