On Tue, Apr 29, 2008 at 1:30 PM, werner mueller
<[EMAIL PROTECTED]> wrote:
> Hallo
>
> thanks for the hints.
>
> i tried some other configurations but with no luck. it seems not every
> user is allowed to query the ldap structure. i have to use a special
> user/password to bind xwiki to the active directory. that user can login
> but thats not a solution. aloow everyone to query the ad is not an
> option for us.
>
> has anyone a working active directory config he or she could share?
>
> is it possible to trick xwiki to use a different user to bind to the AD
> and then use username/password from login to process the login?
> i've been doing similar things for bugzilla/ldap using LDAPbinddn =
> cn=<LDAPQUERYUSERNAME>,cn=Users,dc=domain,dc=com:<LDAPQUERYPASSWORD>
Yes and it's the default way to work for LDAP authenticator. You can
see in default xwiki.cfg :
#-# LDAP login, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the username, {1} with the password
#xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
#xwiki.authentication.ldap.bind_pass={1}
So in your case it would be :
xwiki.authentication.ldap.bind_DN=cn={0},cn=Users,dc=domain,dc=com
xwiki.authentication.ldap.bind_pass={1}
>
> btw: yes i am sure its version 1.3.2.9174. its the one copy pasted from
> xwiki. unless its not correct there but that would be weird.
>
>
> any hints or examples would be cool :)
> thanks a lot
>
> regards
>
> werner
>
>
>
> Thomas Mortagne schrieb:
> > Also I think
> http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HLDAPConfigurationforActiveDirectory
> > is based in old LDAP authenticator (see
> > http://platform.xwiki.org/xwiki/bin/view/AdminGuide/AuthenticationLdapOld).
> >
> > On Thu, Apr 17, 2008 at 7:35 PM, Thomas Mortagne
> > <[EMAIL PROTECTED]> wrote:
> >> Hi,
> >>
> >>
> >>
> >> On Thu, Apr 17, 2008 at 7:02 PM, werner mueller
> >> <[EMAIL PROTECTED]> wrote:
> >> > hallo
> >> >
> >> > i am currently trying to setup xwiki on taomcat 5.5/mysql. until now
> its
> >> > doing quite well :)
> >> >
> >> > my next step is to get ldap authentication against an active directory
> >> > working. i followed
> >> >
> http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HLDAPConfigurationforActiveDirectory
> >> > and some postings on the mailing list but i cant get it to work.
> >> >
> >> > i either end up with:
> >> > com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5:
> LDAP
> >> > bind failed with LDAPException.
> >> > Wrapped Exception: Invalid Credentials
> >> >
> >> > or worse (with in my eyes the propper config):
> >> > WARN LDAP.XWikiLDAPAuthS
> >> > erviceImpl - LDAP authentication failed.
> >> > java.lang.NullPointerException
> >> > at
> >> >
> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:256)
> >> > at
> >> >
> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:107)
> >> > at
> >> >
> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:194)
> >> > at
> >> >
> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:127)
> >> > at
> >> >
> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:112)
> >> > at
> >> >
> com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:214)
> >> > at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3307)
> >> > at
> >> >
> com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:136)
> >> > at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3315)
> >> > at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4259)
> >> > at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:173)
> >> > ...
> >>
> >> Could you copy/paste your configuration.
> >>
> >>
> >> >
> >> >
> >> > i've done ldap auth on several other tools (apache/subversion,
> >> > bugzilla). there i used two accounts: one allowed to bind to the
> active
> >> > directory and do searches and the useraccount itself.
> >> >
> >> > in the xwiki config i can only see the user logging in is used to bind
> >> > to the ldap server?
> >>
> >> You can define a user able to bind to the active directory using
> >> "bind_DN" and "bind_pass" properties and it will search for provided
> >> login in ldap based on "UID_attr" property
> >>
> >>
> >> >
> >> >
> >> > is the documentation current for xwiki 1.3.2.9174? or can someone give
> >> > me a hint to make this work?
> >>
> >> Are you sure you use xwiki-core 1.3.2 version, I can't find in the
> >> code what could make NullPointerException at
> >> XWikiLDAPAuthServiceImpl.java:256
> >>
> >>
> >> >
> >> >
> >> > thanks a lot
> >> > regards
> >> >
> >> > werner
> >> >
> >> > _______________________________________________
> >> > users mailing list
> >> > users@xwiki.org
> >> > http://lists.xwiki.org/mailman/listinfo/users
> >> >
> >>
> >>
> >>
> >> --
> >> Thomas Mortagne
> >>
> >
> >
> >
>
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
--
Thomas Mortagne
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
