I have successfully configured our xwiki site to use LDAP authentication against Active Directory. The convention for the user IDs in our Active Directory is to use a period to separate the given name and surname as in mark.sack. I added the LDAPProfileClass object to the user profiles to map the Active Directory IDs to the internal wiki ones. I had created the users before implementing the Active Directory authentication with the convention of an underscore in between the given name and the surname.
Now I would like to implement a single signon solution for all of our applications and have set up a CAS server to authenticate against Active Directory. The authentication works fine but the CAS authentication in xwiki seems to simply strip out the period in the Active Directory ID instead of mapping to the existing user. I observed the following behaviour: - in xwiki.cfg, if I set xwiki.authentication.cas.create_user to 1 and login as mark.sack (with my Active Directory password), the login is successful. But xwiki creates a new user with id marksack instead of mapping to the existing mark_sack user (mark_sack has the LDAPProfileClass set to mark.sack). - in xwiki.cfg, if I set xwiki.authentication.cas.create_user to 0 and login as mark.sack, the login fails with a message that to the effect that the user does not exist. How could I achieve the mapping of xwiki users to Active Directory for CAS authentication? Our system is relatively small (about 40 users so far) and has not yet really been rolled out to the user community. So if need be, I could create new xwiki users following the convention required by xwiki (no character between the given name and surname). But I would prefr to avoid that if I can. -- View this message in context: http://xwiki.475771.n2.nabble.com/Jasig-CAS-authentication-and-users-with-periods-in-the-id-tp7598674.html Sent from the XWiki- Users mailing list archive at Nabble.com. _______________________________________________ users mailing list firstname.lastname@example.org http://lists.xwiki.org/mailman/listinfo/users