Re: [xwiki-users] LDAP user import vs registering new user
W dniu 10-10-12 12:28, Thomas Mortagne wrote: > On Tue, Oct 12, 2010 at 12:22, Piotr Dziubecki wrote: >> >> >> W dniu 10-10-12 12:10, Thomas Mortagne wrote: >>> On Tue, Oct 12, 2010 at 12:03, Piotr Dziubecki >>> wrote: W dniu 10-10-12 11:41, Thomas Mortagne wrote: > On Tue, Oct 12, 2010 at 11:12, Piotr Dziubecki > wrote: >> Hi, >> >> I'm testing the ldap features of xwiki and have a question regarding >> importing /registering new user. >> >> I managed to setup ldap authentication with user import and group >> mapping. The question is connected with >> this configuration flag: >> >> #-# Specifies the LDAP attribute containing the identifier to be used as >> the XWiki name (default=cn) >> xwiki.authentication.ldap.UID_attr=mail >> >> >> What I would achieve is a user authentication with his mail/password ( >> which is pretty common nowadays ). >> >> It works with ldap and after a successful authentication with i.e. >> mail = br...@7cogs.com, >> >> a new user is created with the following value: >> >> username = br...@7cogscom >> >> I assume that the 'dot' is not allowed to be used in the username string >> ? > > It's not really a user name limitation but the fact that the user id > is the user profile page name which not does yet fully support dot. > >> >> In my scenario there will be also a need for registering new users in a >> traditional (xwiki ) way but it >> seems to be impossible to provide a mail as a username ( even though the >> client side validation seems to not >> complain about that initially ): >> >> Invalid username provided. Please use only letters from the latin >> alphabet, numbers, and the underscore >> character. > > That's because the UI to create users is over precautionnous and does > not allow anny "special" character. > > Do you really need your "normal" XWiki user name to contain a @ ? Not really, what I want is to have a possibility to choose a field against which user can authenticate himself ( of course, I understand that not every field is unique but email meets that requirement ). > >> >> Do you have any clues how to achieve that ? maybe it's possible to set a >> flag in xwiki config similar to the >> ldap solution ( identifier to be used as the XWiki name ).. > > If what you want is to create a XWiki user and then link it to LDAP, > the user id does not really matter. All you have to do is to add the > same object LDAP users have and provide the proper uid and DN in that > object. That is a solution, but in my case i have different users, one group with their user credentials stored in the LDAP and another group which will exist only in Wiki. For both of them I would like to have a uniform authentication policy ( mail/password ). Currently this method is the most popular one ( google, facebook etc. ) and this is the reason of my queries. >>> >>> Ok i understand now, sorry impossible to use a mail as normal XWiki >>> user. LDAP authenticator is doing mapping hack to be able to support >>> anything bu with the limitation on pages names impossible to support >>> the same with standard users yet. >> >> I'm just thinking that in fact for such an application we could design >> scenario like this: >> >> 1. user registers himself in xwiki with a regular username, mail and other >> necessary data. >> 2. admin sets an option to select a user e-mail as an identifier to be used >> as the XWiki login >> 3. user tries to login to the portal with email/password, system search for >> the username mapped to that >> email and tries to authenticate user with provider password. >> >> This is more or less the idea I'm talking about :) > > You can always write your own authenticator which will authenticate of > mail/password instead of id/password. See > http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HCustomAuthentication > Thanks, I'll surely look at this ! Cheers, Piotr ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] LDAP user import vs registering new user
On Tue, Oct 12, 2010 at 12:22, Piotr Dziubecki wrote: > > > W dniu 10-10-12 12:10, Thomas Mortagne wrote: >> On Tue, Oct 12, 2010 at 12:03, Piotr Dziubecki wrote: >>> W dniu 10-10-12 11:41, Thomas Mortagne wrote: On Tue, Oct 12, 2010 at 11:12, Piotr Dziubecki wrote: > Hi, > > I'm testing the ldap features of xwiki and have a question regarding > importing /registering new user. > > I managed to setup ldap authentication with user import and group > mapping. The question is connected with > this configuration flag: > > #-# Specifies the LDAP attribute containing the identifier to be used as > the XWiki name (default=cn) > xwiki.authentication.ldap.UID_attr=mail > > > What I would achieve is a user authentication with his mail/password ( > which is pretty common nowadays ). > > It works with ldap and after a successful authentication with i.e. > mail = br...@7cogs.com, > > a new user is created with the following value: > > username = br...@7cogscom > > I assume that the 'dot' is not allowed to be used in the username string ? It's not really a user name limitation but the fact that the user id is the user profile page name which not does yet fully support dot. > > In my scenario there will be also a need for registering new users in a > traditional (xwiki ) way but it > seems to be impossible to provide a mail as a username ( even though the > client side validation seems to not > complain about that initially ): > > Invalid username provided. Please use only letters from the latin > alphabet, numbers, and the underscore > character. That's because the UI to create users is over precautionnous and does not allow anny "special" character. Do you really need your "normal" XWiki user name to contain a @ ? >>> Not really, what I want is to have a possibility to choose a field against >>> which user can authenticate >>> himself ( of course, I understand that not every field is unique but email >>> meets that requirement ). >>> > > Do you have any clues how to achieve that ? maybe it's possible to set a > flag in xwiki config similar to the > ldap solution ( identifier to be used as the XWiki name ).. If what you want is to create a XWiki user and then link it to LDAP, the user id does not really matter. All you have to do is to add the same object LDAP users have and provide the proper uid and DN in that object. >>> >>> That is a solution, but in my case i have different users, one group with >>> their user credentials stored in >>> the LDAP and another group which will exist only in Wiki. For both of them >>> I would like to have a uniform >>> authentication policy ( mail/password ). Currently this method is the most >>> popular one ( google, facebook >>> etc. ) and this is the reason of my queries. >> >> Ok i understand now, sorry impossible to use a mail as normal XWiki >> user. LDAP authenticator is doing mapping hack to be able to support >> anything bu with the limitation on pages names impossible to support >> the same with standard users yet. > > I'm just thinking that in fact for such an application we could design > scenario like this: > > 1. user registers himself in xwiki with a regular username, mail and other > necessary data. > 2. admin sets an option to select a user e-mail as an identifier to be used > as the XWiki login > 3. user tries to login to the portal with email/password, system search for > the username mapped to that > email and tries to authenticate user with provider password. > > This is more or less the idea I'm talking about :) You can always write your own authenticator which will authenticate of mail/password instead of id/password. See http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HCustomAuthentication > > Cheers, > Piotr > ___ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > -- Thomas Mortagne ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] LDAP user import vs registering new user
W dniu 10-10-12 12:10, Thomas Mortagne wrote: > On Tue, Oct 12, 2010 at 12:03, Piotr Dziubecki wrote: >> W dniu 10-10-12 11:41, Thomas Mortagne wrote: >>> On Tue, Oct 12, 2010 at 11:12, Piotr Dziubecki >>> wrote: Hi, I'm testing the ldap features of xwiki and have a question regarding importing /registering new user. I managed to setup ldap authentication with user import and group mapping. The question is connected with this configuration flag: #-# Specifies the LDAP attribute containing the identifier to be used as the XWiki name (default=cn) xwiki.authentication.ldap.UID_attr=mail What I would achieve is a user authentication with his mail/password ( which is pretty common nowadays ). It works with ldap and after a successful authentication with i.e. mail = br...@7cogs.com, a new user is created with the following value: username = br...@7cogscom I assume that the 'dot' is not allowed to be used in the username string ? >>> >>> It's not really a user name limitation but the fact that the user id >>> is the user profile page name which not does yet fully support dot. >>> In my scenario there will be also a need for registering new users in a traditional (xwiki ) way but it seems to be impossible to provide a mail as a username ( even though the client side validation seems to not complain about that initially ): Invalid username provided. Please use only letters from the latin alphabet, numbers, and the underscore character. >>> >>> That's because the UI to create users is over precautionnous and does >>> not allow anny "special" character. >>> >>> Do you really need your "normal" XWiki user name to contain a @ ? >> Not really, what I want is to have a possibility to choose a field against >> which user can authenticate >> himself ( of course, I understand that not every field is unique but email >> meets that requirement ). >> >>> Do you have any clues how to achieve that ? maybe it's possible to set a flag in xwiki config similar to the ldap solution ( identifier to be used as the XWiki name ).. >>> >>> If what you want is to create a XWiki user and then link it to LDAP, >>> the user id does not really matter. All you have to do is to add the >>> same object LDAP users have and provide the proper uid and DN in that >>> object. >> >> That is a solution, but in my case i have different users, one group with >> their user credentials stored in >> the LDAP and another group which will exist only in Wiki. For both of them I >> would like to have a uniform >> authentication policy ( mail/password ). Currently this method is the most >> popular one ( google, facebook >> etc. ) and this is the reason of my queries. > > Ok i understand now, sorry impossible to use a mail as normal XWiki > user. LDAP authenticator is doing mapping hack to be able to support > anything bu with the limitation on pages names impossible to support > the same with standard users yet. I'm just thinking that in fact for such an application we could design scenario like this: 1. user registers himself in xwiki with a regular username, mail and other necessary data. 2. admin sets an option to select a user e-mail as an identifier to be used as the XWiki login 3. user tries to login to the portal with email/password, system search for the username mapped to that email and tries to authenticate user with provider password. This is more or less the idea I'm talking about :) Cheers, Piotr ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] LDAP user import vs registering new user
On Tue, Oct 12, 2010 at 12:03, Piotr Dziubecki wrote: > W dniu 10-10-12 11:41, Thomas Mortagne wrote: >> On Tue, Oct 12, 2010 at 11:12, Piotr Dziubecki wrote: >>> Hi, >>> >>> I'm testing the ldap features of xwiki and have a question regarding >>> importing /registering new user. >>> >>> I managed to setup ldap authentication with user import and group mapping. >>> The question is connected with >>> this configuration flag: >>> >>> #-# Specifies the LDAP attribute containing the identifier to be used as >>> the XWiki name (default=cn) >>> xwiki.authentication.ldap.UID_attr=mail >>> >>> >>> What I would achieve is a user authentication with his mail/password ( >>> which is pretty common nowadays ). >>> >>> It works with ldap and after a successful authentication with i.e. >>> mail = br...@7cogs.com, >>> >>> a new user is created with the following value: >>> >>> username = br...@7cogscom >>> >>> I assume that the 'dot' is not allowed to be used in the username string ? >> >> It's not really a user name limitation but the fact that the user id >> is the user profile page name which not does yet fully support dot. >> >>> >>> In my scenario there will be also a need for registering new users in a >>> traditional (xwiki ) way but it >>> seems to be impossible to provide a mail as a username ( even though the >>> client side validation seems to not >>> complain about that initially ): >>> >>> Invalid username provided. Please use only letters from the latin alphabet, >>> numbers, and the underscore >>> character. >> >> That's because the UI to create users is over precautionnous and does >> not allow anny "special" character. >> >> Do you really need your "normal" XWiki user name to contain a @ ? > Not really, what I want is to have a possibility to choose a field against > which user can authenticate > himself ( of course, I understand that not every field is unique but email > meets that requirement ). > >> >>> >>> Do you have any clues how to achieve that ? maybe it's possible to set a >>> flag in xwiki config similar to the >>> ldap solution ( identifier to be used as the XWiki name ).. >> >> If what you want is to create a XWiki user and then link it to LDAP, >> the user id does not really matter. All you have to do is to add the >> same object LDAP users have and provide the proper uid and DN in that >> object. > > That is a solution, but in my case i have different users, one group with > their user credentials stored in > the LDAP and another group which will exist only in Wiki. For both of them I > would like to have a uniform > authentication policy ( mail/password ). Currently this method is the most > popular one ( google, facebook > etc. ) and this is the reason of my queries. Ok i understand now, sorry impossible to use a mail as normal XWiki user. LDAP authenticator is doing mapping hack to be able to support anything bu with the limitation on pages names impossible to support the same with standard users yet. > > > Regards, > Piotr > ___ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > -- Thomas Mortagne ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] LDAP user import vs registering new user
W dniu 10-10-12 11:41, Thomas Mortagne wrote: > On Tue, Oct 12, 2010 at 11:12, Piotr Dziubecki wrote: >> Hi, >> >> I'm testing the ldap features of xwiki and have a question regarding >> importing /registering new user. >> >> I managed to setup ldap authentication with user import and group mapping. >> The question is connected with >> this configuration flag: >> >> #-# Specifies the LDAP attribute containing the identifier to be used as the >> XWiki name (default=cn) >> xwiki.authentication.ldap.UID_attr=mail >> >> >> What I would achieve is a user authentication with his mail/password ( which >> is pretty common nowadays ). >> >> It works with ldap and after a successful authentication with i.e. >> mail = br...@7cogs.com, >> >> a new user is created with the following value: >> >> username = br...@7cogscom >> >> I assume that the 'dot' is not allowed to be used in the username string ? > > It's not really a user name limitation but the fact that the user id > is the user profile page name which not does yet fully support dot. > >> >> In my scenario there will be also a need for registering new users in a >> traditional (xwiki ) way but it >> seems to be impossible to provide a mail as a username ( even though the >> client side validation seems to not >> complain about that initially ): >> >> Invalid username provided. Please use only letters from the latin alphabet, >> numbers, and the underscore >> character. > > That's because the UI to create users is over precautionnous and does > not allow anny "special" character. > > Do you really need your "normal" XWiki user name to contain a @ ? Not really, what I want is to have a possibility to choose a field against which user can authenticate himself ( of course, I understand that not every field is unique but email meets that requirement ). > >> >> Do you have any clues how to achieve that ? maybe it's possible to set a >> flag in xwiki config similar to the >> ldap solution ( identifier to be used as the XWiki name ).. > > If what you want is to create a XWiki user and then link it to LDAP, > the user id does not really matter. All you have to do is to add the > same object LDAP users have and provide the proper uid and DN in that > object. That is a solution, but in my case i have different users, one group with their user credentials stored in the LDAP and another group which will exist only in Wiki. For both of them I would like to have a uniform authentication policy ( mail/password ). Currently this method is the most popular one ( google, facebook etc. ) and this is the reason of my queries. Regards, Piotr ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] LDAP user import vs registering new user
On Tue, Oct 12, 2010 at 11:12, Piotr Dziubecki wrote: > Hi, > > I'm testing the ldap features of xwiki and have a question regarding > importing /registering new user. > > I managed to setup ldap authentication with user import and group mapping. > The question is connected with > this configuration flag: > > #-# Specifies the LDAP attribute containing the identifier to be used as the > XWiki name (default=cn) > xwiki.authentication.ldap.UID_attr=mail > > > What I would achieve is a user authentication with his mail/password ( which > is pretty common nowadays ). > > It works with ldap and after a successful authentication with i.e. > mail = br...@7cogs.com, > > a new user is created with the following value: > > username = br...@7cogscom > > I assume that the 'dot' is not allowed to be used in the username string ? It's not really a user name limitation but the fact that the user id is the user profile page name which not does yet fully support dot. > > In my scenario there will be also a need for registering new users in a > traditional (xwiki ) way but it > seems to be impossible to provide a mail as a username ( even though the > client side validation seems to not > complain about that initially ): > > Invalid username provided. Please use only letters from the latin alphabet, > numbers, and the underscore > character. That's because the UI to create users is over precautionnous and does not allow anny "special" character. Do you really need your "normal" XWiki user name to contain a @ ? > > Do you have any clues how to achieve that ? maybe it's possible to set a flag > in xwiki config similar to the > ldap solution ( identifier to be used as the XWiki name ).. If what you want is to create a XWiki user and then link it to LDAP, the user id does not really matter. All you have to do is to add the same object LDAP users have and provide the proper uid and DN in that object. > > Thanks in advance, > Piotr > ___ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > -- Thomas Mortagne ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users