[
http://jira.xwiki.org/jira/browse/XWIKI-1079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_22279
]
Thomas Mortagne commented on XWIKI-1079:
----------------------------------------
Hi,
As Vincent said I'm looking for adding groups support to XWiki LDAP and for now
I'm fixing some problems in this patch about XWiki api use, documentation etc.
As soon as I will finish the cleaning I will repost it as a real patch in this
issue then continue work and testing based on it. I'm not a LDAP expert so it
takes some times (in fact it's the first time I'm using it), sorry :)
Thanks,
Thomas
> LDAP Authentication
> -------------------
>
> Key: XWIKI-1079
> URL: http://jira.xwiki.org/jira/browse/XWIKI-1079
> Project: XWiki Platform
> Issue Type: Improvement
> Components: Admin, Authentication and Rights Management, Plugin -
> Other, Wiki features
> Affects Versions: 1.0 B6
> Reporter: Gunter Leeb
> Assigned To: Sergiu Dumitriu
> Fix For: 1.3 M2
>
> Attachments: ldap.zip, LDAPAuthenticater.class,
> LDAPAuthenticater.java, LDAPAuthenticater.java, LDAPAuthenticater.java,
> ssl.zip, XWiki.zip
>
>
> I have finished the implementation of a substitude LDAP authentication class.
> The new features and changes:
> - Separate LDAP login and authentication validation
> - An LDAP group membership is first checked before a user can be
> authenticated against LDAP
> - LDAP Groups are handled recursivly (groups in groups)
> - LDAP Groups and their members are cached with an expiration
> - LDAP attributes can update XWiki user attributes configurable at create
> time or on every login
> - LDAP group membership can be sync'ed with XWiki group membership
> - If authentication with LDAP fails it still will try to authenticate against
> the XWiki DB
> - detailed comments in xwiki.cfg
> - pretty much every detail of the behavior can be configured in xwiki.cfg
> - as far as I can see, all valuable features from the old LDAPAuthServiceImpl
> are reimplemented (except for LDAP bind being sufficent for login implemented
> by the check_level configuration)
> - I have tried to implement all the feature requests about LDAP that I have
> heard about
> - any LDAP attribute can be used containing the XWiki name
> Known Issues:
> - joining an XWiki group or removing someone from a group does not appear to
> work correctly
> - creating a user appears incomplete to me
> I tested against OpenLDAP and Novell eDirectory.
> I would like to ask for a code-read, verification of how the module is using
> the XWiki APIs and testing in various environments.
> Most of all, I am looking for feedback.
> This is not a final version!
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.xwiki.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
notifications mailing list
notifications@xwiki.org
http://lists.xwiki.org/mailman/listinfo/notifications
