I don't know the CAS authenticator but I can certainly answer the LDAP questions. I guess you can always ask ask for the feature on http://jira.xwiki.org/browse/AUTHCAS and hope that the developer will see it.
On Tue, Jul 1, 2014 at 10:43 AM, Pascal BASTIEN <[email protected]> wrote: > Hello, > > I wanted to know if it is possible to filter by groups with CAS authenticator. > http://extensions.xwiki.org/xwiki/bin/view/Extension/Authenticator+Jasig+CAS > I must maps groups with xwikiAllgroups? > > > Are there a parameter like LDAP one? > #-# Only members of the following group can authenticate. > #-# The following kind of groups are supported: > #-# * LDAP static groups (users/subgroups are listed statically in the group > object) > xwiki.authentication.ldap.user_group=xxxxxxx > > and BTW for ldap authentication what's "LDAP static groups (users/subgroups > are listed statically in the group object)" meaning? LDAP is organized as a tree of object/entryies containing properties so in "LDAP static groups" the members of the group are listed directly in one of the LDAP group object/entry property. You have an example in the xwiki.cfg file: XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=domain,c=com where cn=AdminRole,ou=groups,o=domain,c=com is the complete group DN. > If I add a LDAP member in my LDAP group, I must relauinch Tomcat for > synchronsie xwiki group? LDAP group are stored in a cache on XWiki side (see xwiki.authentication.ldap.groupcache_expiration property) so it's possible the group you modify is already in the cache and that you will need to wait a bit or restart tomcat if you want to apply the change right away. > > Thxs. > _______________________________________________ > users mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/users -- Thomas Mortagne _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
