The group and permission system in the jspwiki is rather dynamic, and
ldaps tends to be readonly except for a groups of administrators.
There for there is still need for the user.xml and group.xml. But in
my opinion the user.xml needs to be automatically updated when a new
ldap user is logged in.
Otherwise granting and managing jspwiki permissions i a nightmare,
this also enhanced since there is no check on if a user exist - when
adding users to wiki group or setting a page permission.
I think the following should be changed.
- First time a new user is logged in - the user should be added to the
the user.xml and redirect to the profile page for setting additional
information (email, full name and section edition etc)
- Adding page permission should lookup if the group or the user exist.
- Adding users to a wiki group should only be possible for existing
users.
/Thomas
On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
Why allow people to eliminate the user.xml?
Why not allow the use of LDAP for the user profile?
Allow mapping the LDAP attributes to the profile values?
Enterprises have no desire to maintain another separate user store of
information. Many already have a central LDAP store.
-jim
Jim Willeke
On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <[email protected]>
wrote:
I would suggest a change, if a ldap user is logging the first
time. the
Wiki should create the user in the user.xml - it gives a lot of
problem when
adding a ldap user to a wiki group, since it possible that the user
isn't
created.
On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
If a user creates a user profile after logging into the container,
he or
she will have an opportunity to specify a "full name." If a full
name is
supplied, it will be used in page histories etc from that point
forward.
Andrew
On Oct 22, 2009, at 16:34, Harald Krammer <[email protected]>
wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello,
I run JSPWiki with Web Container Authentication via LDAP and it
runs
fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
Only the visualization of real user name is still missing. I get
only
the login name (short name) instead of the full name in the change
history and so on. Is it a default behaviour or misconfiguration?
Nice greetings,
Harald
- --
Harald Krammer
Brucknerstrasse 33
A - 4020 Linz
AUSTRIA
Mobil +43.(0) 664. 130 59 58
Mail: Harald.Krammer (at) hkr.at
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
=Kd7Y
-----END PGP SIGNATURE-----
