Re: [xwiki-users] Antw: Re: support for LDAP over SSL
Hi Ricardo, Yes, 1-3. is correct. One of the features that I am proposing in JIRA-1079 is the (configurable) fallback authentication using the XWiki DB. My library was developed based on code of the ldap authentication plug-in from XWiki pre-1.0. I have not followed any changes in XWiki's ldap plug-in since then. I have added SSL binding to the LDAP Server later and added the code to the JIRA issue. The code checked in the JIRA issue is a suggestion for improvement of XWiki coming out of the community. It is a plug-in and therefore is fairly independent from the regular XWiki development and build process. By referencing xwiki.jar (and novell's ldap jar) you should be able to compile the sources that I provided. I have also added the class files. You are corret the last bug fixes I checked in in the mentioned attachment. If you haven't done before, before you go thorough compiling the plug-in try out the classes. See if you can handle the configuration. Regards, Gunter Your XEN ICT Team - Ricardo Rodriguez [EMAIL PROTECTED] 04.10.2007 16:38 Gunter Leeb wrote: Hi Sheila and Ricardo The authentication classes JIRA-1079 can use SSL for the connection to the LDAP repository. This component has no way to switch XWiki to use SSL. It would be great if XWiki could be configured to use SSL just for the authentication. Regards, Gunter Hi Gunter, Thanks for jumping in here! Please, let me sum up what I am understanding while dealing with ldap authentication. 1. XE includes a ldap authentication class (ldap-UNKNOWN.jar) which we can not use simultaneously with XWiki DB. If I activate ldap authentication (xwiki.authentication.ldap=1), XWiki DB won't be asked for the existence of a given user. 2. With JIRA-1079 classes it is possible to use ldap authentication and XWiki DB: if ldap fails to authenticate an user, XWiki will check its database before rejecting the login. 3. JIRA-1079 classes support SSL binding with ldap servers. From here, please, *what is the JIRA-1079 class **most updated release **supporting SSL binding? *Is it http://jira.xwiki.org/jira/secure/attachment/11160/LDAPAuthenticater.java date on June 18th, 2007? Please, what do we need to compile it? I've gone ahead and updated to 1.2M1. I am not able to bind to our eDirectory server. I've not used SSL before, so I don't remember how could I connect to an eDirectory server without confidenciality until now. But it worked. Please, do you know if this is possible and how? Thanks. Sorry if I have not skills enough as to follow the JIRA-1079 issue. Mainly I don't understand how it relates with the regular XWiki development process. Any help will be welcome! All the best, Ricardo -- Ricardo RodrÃguez Your XEN ICT Team --- Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. --- ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] Antw: Re: support for LDAP over SSL
Gunter Leeb wrote: Hi Ricardo, Yes, 1-3. is correct. One of the features that I am proposing in JIRA-1079 is the (configurable) fallback authentication using the XWiki DB. Fallback authentication works great. Here a typical sequence registered in xwiki.log 12:02:24,625 [http-193.144.34.240-80-1] ERROR thentication.LDAPAuthenticater - Bind to LDAP server failed. 12:02:24,625 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - Trying authentication against XWiki DB 12:02:24,651 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - Finding user egarciarodeja 12:02:24,652 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - Found user egarciarodeja 12:02:24,653 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - XWiki DB login succeeded My library was developed based on code of the ldap authentication plug-in from XWiki pre-1.0. I have not followed any changes in XWiki's ldap plug-in since then. I am afraid I am not devoting time enough to follow XWiki development, so I am a bit lost. Must I be able to find a LDAP authentication plug-in in XWiki Code Zone? I guess it is bundled in the XWiki distribution? I have added SSL binding to the LDAP Server later and added the code to the JIRA issue. I am using the classes included in ldap.zip dated on May the 29th, 2007. I think the errors I am getting are related with the value of xwiki.authentication.ldap.ssl.keystore parameter. Does this make any sense for you? mire:/home/webmaster/bin # tail -200 xwiki.log | grep SSLException javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) I read in XWIKI-1079 issue: # keystore for certificates / root certificates (default is .keystore in the xwiki-process-users homedirectory) xwiki.authentication.ldap.ssl.keystore=path_to_ssl_keystore Please what is the xwiki-process-users homedirectory? The code checked in the JIRA issue is a suggestion for improvement of XWiki coming out of the community. It is a plug-in and therefore is fairly independent from the regular XWiki development and build process. By referencing xwiki.jar (and novell's ldap jar) you should be able to compile the sources that I provided. JIRA issue XWIKI-1079 is related with XWIKI-865 by Philippe Marzouk. There is a xwiki-ldap-ssl.patch attached there, but no comments or any further information. I understand this proposal has not been considered and never added to the main distribution. And that your classes keep also out of the main distribution and are only available from the JIRA issue, am I right? Please, Gunter, when a suggestion from the community does become part of the official distribution? Just trying to understand how things are done... I have also added the class files. You are corret the last bug fixes I checked in in the mentioned attachment. If you haven't done before, before you go thorough compiling the plug-in try out the classes. See if you can handle the configuration. Regards, Gunter I will try to use your classes, then moved ahead and try to compile the last version. Cheers, Ricardo -- Ricardo RodrÃguez Your XEN ICT Team ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
[xwiki-users] New Pages - Tags with multiwords
Hi, When I create a new page, I am given the option to create tags to help annotate the document. However, my question is, how can I create multiword tags? For instance, I would like a tag as San Diego. What xwiki does is break the tag into separate words, San and Diego. How can I inform xwiki to use San Diego? Thanks, Josh ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] New Pages - Tags with multiwords
Hi Josh, On Oct 7, 2007, at 4:18 PM, Josh Joy wrote: Hi, When I create a new page, I am given the option to create tags to help annotate the document. However, my question is, how can I create multiword tags? For instance, I would like a tag as San Diego. What xwiki does is break the tag into separate words, San and Diego. How can I inform xwiki to use San Diego? I don't think this is possible right now with our UI interface since all tags are entered on the same line. We'd need to allow adding tags (with a button for example) and thus allow spaces in them. You could open a jira issue for this feature request at http:// jira.xwiki.org Right now you'll have to use either SanDiego or San-Diego (for example). Thanks -Vincent ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
[xwiki-users] Install problem
Hi, When I try to access http://127.0.0.1:8080/xwiki/bin/view/Main/WebHome; page i get this error: HTTP Status 404 - /xwiki/bin/view/Main/WebHome The requested resource (/xwiki/bin/view/Main/WebHome) is not available. Can you give me some help to solve this problem? Thanks! Loris ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users