[xwiki-users] Displaying just the titles of the blog
Hi, I use the Blog features of XWiki as well as the blog macro to display the entries. On a panel I just want to display the title of the the first five entries (without the content, comments, permalink...). I've been playing aroung with the Blog.Macros but it doesn't work. Is there an easy way to do that ? Thanks, Antonio ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
[xwiki-users] Attachement checkout
Hi fellow XWikiers, Am curious to know how you have handled the apparent lack of checkout of attachments. Any insights will be useful on how to handle this scenario. 1. User X creates a page and attaches an Excel spreadsheet 2. User Y then downloads the excel and edits it 3. Before Y can upload the new version, X downloads it again and updates the excel 4. User Y uploads the excel Of course, X and Y can see what changed between the versions using tools provided by Excel but this is not very intuitive. Regards, Shiva _ News, entertainment and everything you care about at Live.com. Get it now! http://www.live.com/getstarted.aspx ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
[xwiki-users] missing tools, what do I need from XAR?
When I upgraded my Xwiki from 1.1 to 1.4rc2 last week I think I was overly cautious about what I should include from the default XAR. I don't have the new user manager and I don't have the new panels wizard. What do I need to include from the default XAR in order to get these tools? Thanks, -Dave -- Dave Mangot Terracotta Inc. 650 Townsend St. Suite 325 San Francisco, CA 94103 USA +1 415 738 4059 [EMAIL PROTECTED] This e-mail incorporates Terracotta's confidentiality policy, which is online at http://www.terracottatech.com/emailconfidentiality.shtml ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] How safe is xwiki?
Multiple answer: Jerome Velociter escreveu: > >> Is XWiki prone to the same kind of problem? > > I'm wondering what kind of answer you can expect here : We won't say XWiki > is "perfectly secured", because there are no such things as perfectly > secured systems in the nature yet ; On the other side, if we hypoteticly > had known unresolved security issues, we would not tell about them here > either, because, well they are unresolved security issues that could be > exploited on running servers. You have a point here :) but then I can be reasonably tranquil that security issues are taken care of... Ronald Parris escreveu: > I run a web hosting service. 99% of the applications deployed are > JAVA based. > 1% of the applications are PHP based. HOWEVER 99% of all application > related security issues we deal with are related to PHP. Ok, that is a reassuring information -- [Ricardo Rodriguez] Your EPEC Network ICT Team escreveu: > > you are comparing two different things. PHP can not be one term of the > comparison. You can compare PHP with Java; or XWiki with MediaWiki (the first running on a Java servlet container, the second running on PHP. Form Ronald's answer above, I can see that Java is reasonably safe as a platform. I was not comparing PHP and XWiki, just giving an example ao security issue... From all your answers, I feel safe enough about using XWiki. Thanks to all, Alain > > Hope this helps, > Jerome. >> Thanks, >> Alain >> >> Sergiu Dumitriu escreveu: >>> Hi Alain, >>> >>> There are 2 security areas when talking about XWiki: the security of the >>> underlying system, and the security of the wiki itself. >>> >>> The first one depends a lot on the security of the container (Tomcat, >>> for example), and I think that most containers are pretty safe to use, >>> as a lot of websites are built on the Java technology. One important >>> aspect is the security model of the JVM; you can leave the container >>> without a security manager, which allows an application to do anything >>> (well, anything the user owning the java process can do on the system), >>> or enable the security manager which allows an application to do only >>> what you tell it to. While enabling the security manager is the safest >>> thing to do, we didn't quite experiment with this, so we can't provide a >>> good policy file that will allow XWiki to run, you will have to write it >>> yourself; there is a minimal file which allows XWiki to start under the >>> security manager, but it isn't tested on more than viewing a page (see >>> http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around >>> with this policy file until you determine the minimum safe set of rules, >>> then you won't have anything to worry about on the system security. >>> >>> The second part is a bit trickier, as it depends a lot on how you manage >>> users and their rights. If you only grant view and edit rights to people >>> you trust, then there shouldn't be any risks. If you open the wiki for >>> public registration and public editing, then you will have the problem >>> any wiki has: anyone can alter the data. This is where the >>> administrator(s) are needed: managing users and their roles/rights. A >>> pretty good thing is that XWiki has versioning, so you can always revert >>> a document to a previous version, and a recycle bin, so you can recover >>> deleted documents. >>> >>> Regarding rights, there is a major issue: XWiki has something called the >>> Programming right, something that allows users to go beyond simple >>> editing, as it allows a user to write scripts that can alter all the >>> data in the wiki, or even scripts that can do anything a java program >>> can do (even access the filesystem and send data over the network). This >>> is where the security manager I talked about above is useful, as it >>> restricts what such a script can do on the system. Now, this is >>> something you should take extra care about: it is not a problem unless >>> you make it one. Never let this right be used in the wiki, it is not >>> intended to be granted to normal users but to your "super" >>> administrators, who know how and when to use this access right. This >>> means that you should only use the default Admin account to setup the >>> wiki, then create a normal user for day-to-day editing. >>> >>> So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only >>> a matter of proper configuration. It does not contain anything >>> inherently unsafe, it is built on a safe platform, with the dangerous >>> things (programming right) locked up by default. >>> >>> Alain M. wrote: Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help --- If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using, Could it be
Re: [xwiki-users] Boston and/or New York Meetup this week
If there is a meetup in New York City, I will join! Wei-hsing -- Original message from Ludovic Dubost <[EMAIL PROTECTED]>: -- > > Hello XWiki users and developers, > > I'm in Boston today and tomorrow and could be available for a quick > meetup with users of XWiki if there are some in the area. > I will also be in New York wednesday to saturday. > > Anybody interested in an informal Meetup ? I would love to hear what we > could improve in XWiki and show the latest things we are working on. > > Ludovic > > -- > Ludovic Dubost > Blog: http://blog.ludovic.org/ > XWiki: http://www.xwiki.com > Skype: ldubost GTalk: ldubost > ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
[xwiki-users] Boston and/or New York Meetup this week
Hello XWiki users and developers, I'm in Boston today and tomorrow and could be available for a quick meetup with users of XWiki if there are some in the area. I will also be in New York wednesday to saturday. Anybody interested in an informal Meetup ? I would love to hear what we could improve in XWiki and show the latest things we are working on. Ludovic -- Ludovic Dubost Blog: http://blog.ludovic.org/ XWiki: http://www.xwiki.com Skype: ldubost GTalk: ldubost ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] ldap auth against active directory fails
Try LDAP Browser to find the correct configuration. I've succeeded in connecting to AD, using the CN attribute, so in config it would be: bind_DN={0} /// here the user will type his cn UID_attr=cn Quoting werner mueller : hallo well i am a little stuck. i cant make it work although i copied the settings from a working example (well another tool but the same servers). i can only get to 'invalid credentials' does the server need to be in the same domain as the active directory to use the bind_DN=subdomain\{0} bind schema? the server is a linux machine and is not added to the windows domain. is there a unit test or little tool or something one could use for testing? its a little weird its not working. thanks for any ideas :) regards werner Thomas Mortagne schrieb: > You can enable "debug" logging, see > http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Logging > > On Wed, Apr 30, 2008 at 1:54 PM, werner mueller > wrote: >> Hallo >> >> thanks for the quick reply. >> >> well the config should work then :/ >> i compared it with the bugzilla / subversion config which uses the same >> ldap / active directory auth. the only difference is that they >> distinguish the bind user with the user to be authenticated. but in my >> case even the bind user cannot login. >> >> >> 2008-04-30 13:44:34,891 >> [http://dev.edoras.ch:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] >> [http-8080-Processor24] WARN LDAP.XWikiLDAPAuthServiceImpl - LDAP >> authentication failed. >> >> com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5: LDAP >> bind failed with LDAPException. >> Wrapped Exception: Invalid Credentials >> at >> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:178) >> at >> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:109) >> at >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:194) >> at >> >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:107) >> . >> >> Wrapped Exception: >> >> >> LDAPException: Invalid Credentials (49) Invalid Credentials >> LDAPException: Server Message: 80090308: LdapErr: DSID-0C090334, >> comment: AcceptSecurityContext error, data 525, vece >> LDAPException: Matched DN: >> at com.novell.ldap.LDAPResponse.getResultException(Unknown Source) >> at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source) >> at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source) >> at com.novell.ldap.LDAPConnection.bind(Unknown Source) >> at com.novell.ldap.LDAPConnection.bind(Unknown Source) >> at >> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:170) >> at >> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:109) >> at >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:194) >> >> >> >> >> is there some debug feature i can turn on to get some more information? >> or some small test-class to verify the settings? it seems it uses the >> login name from the login form but then authentication fails. >> >> >> >> thanks a lot :) >> regards >> >> werner >> >> >> >> >> Thomas Mortagne schrieb: >> > On Wed, Apr 30, 2008 at 11:55 AM, werner mueller >> > wrote: >> >> Hallo >> >> >> >> thanks for the reply. >> >> back to stupid questions: >> >> >> >> > #-# LDAP login, empty = anonymous access, otherwise specify full dn >> >> > #-# {0} is replaced with the username, {1} with the password >> >> > #xwiki.authentication.ldap.bind_DN=cn={0},department=USER,o=MP >> >> >> >> > #xwiki.authentication.ldap.bind_pass={1} >> >> >> >> {0} is the username from the login form in xwiki? >> >> {1} is the password from the login form in xwiki? >> > >> > Yes, you really write "{0}" and "{1}" in the configuration and it will >> > be replaced at runtime by user/pass provided by user in the login >> > form. >> > >> >> or are these documentation placeholders to be filled in the config file >> >> directly? >> >> >> >> thanks :) >> >> >> >> >> >> >> >> regards >> >> >> >> werner >> >> >> >> >> >> >> >> >> >> Thomas Mortagne schrieb: >> >> > On Tue, Apr 29, 2008 at 1:30 PM, werner mueller >> >> > wrote: >> >> >> Hallo >> >> >> >> >> >> thanks for the hints. >> >> >> >> >> >> i tried some other configurations but with no luck. it seems not every >> >> >> user is allowed to query the ldap structure. i have to use a special >> >> >> user/password to bind xwiki to the active directory. that user can login >> >> >> but thats not a solution. aloow everyone to query the ad is not an >> >> >> option for us. >> >> >
Re: [xwiki-users] Active Directory
Here's the log: 2008-05-12 13:27:05,076 [http://localhost/xwiki/bin/view/Main] [TP-Processor3] INFO .AbstractXWikiMigrationManager - No storage migration required since current version is [7351] 2008-05-12 13:27:31,563 [http://localhost/xwiki/bin/loginsubmit/XWiki/XWikiLogin] [TP-Processor1] ERROR ldap.XWikiLDAPUtils - Could not find attribute cn for LDAP dn ou=Enterprise,ou=Users,ou=RRR,ou=LAT,dc=domain,dc=com 2008-05-12 13:27:31,630 [http://localhost/xwiki/bin/loginsubmit/XWiki/XWikiLogin] [TP-Processor1] WARN LDAP.XWikiLDAPAuthServiceImpl - LDAP authentication failed. Quoting Thomas Mortagne : I means what to you have in the log, the stack trace etc... On Fri, May 9, 2008 at 12:22 PM, Mihails Agafonovs wrote: > errorMessage: 203D: LdapErr: DSID-0C090C7D, comment: Unknown > extended request OID, data 0, vece > Quoting Thomas Mortagne : On Thu, May 8, 2008 at 4:49 PM, Mihails > Agafonovs wrote: > > You were right - I was using the old authenticator. Thanks! > > > > Now I can log in, but I'm not created in any group. Also, if I > enable > > extended search (when only users of the specified AD group will be > > verified), the LDAP throws error. > Which error exactly ? > > Quoting Thomas Mortagne : Which LDAP authenticator > > (xwiki.authentication.ldap.authclass) do you > > use ? If it's com.xpn.xwiki.user.impl.LDAP.LDAPAuthServiceImpl or > if > > you did not configured xwiki.authentication.ldap.authclass forgot > > pretty much all I said as I spoke about the new (since 1.3) LDAP > > authenticator > > > (xwiki.authentication.ldap.authclass=com.xpn.xwiki.ldap.authentication.XWikiLDAPAuthServiceImpl)... > > 2008/5/8 Mihails Agafonovs <[EMAIL PROTECTED]>: > > > Uncommenting xwiki.authentication.ldap.validate_password=0 > did > > > nothing. > > > > > > About ".". > > > > > > In version 1.1.2, there was no problem connecting to AD > using > > CN > > > attribute (name surname), and user was automatically > created > > in > > > XWikiAllGroup. So this is strange that in the newer version > > that > > > doesn't work. > > > > > > Also, nothing changed in our AD. I still can login in XWiki > > 1.1.2 and > > > LDAP browser, for example, in both cases using my CN. > > > Quoting Thomas Mortagne : Try to uncomment > > > > > > xwiki.authentication.ldap.validate_password=0 > > > You should not have 5 as this is used to force login/pass > > validation > > > when you don't connect to LDAP with provided user/pass > > (bind_DN and > > > bind_pass set to an existing ldap user/pass) > > > Another thing, in your example you seem to test with a > user > > name > > > containing a ".", the LDAP authenticator does > not > > support it yet, > > > see > > > http://jira.xwiki.org/jira/browse/XWIKI-2264 > > > 2008/5/8 Mihails Agafonovs : > > > > > > > > > > Here's a pice from xwiki.log: > > > > --- > > > > java.lang.NullPointerException > > > > at > > > > > > > > > > com.xpn.xwiki.plugin.lucene.IndexUpdater.run(IndexUpdater.java:209) > > > > at java.lang.Thread.run(Thread.java:619) > > > > 2008-05-07 14:11:31,078 [index updating thread] > > [Thread-20] ERROR > > > > lucene.IndexUpdater - Writer not open > and > > closeWriter > > > > called > > > > 2008-05-07 14:15:49,735 > > > [http://192.168.220.128/xwiki/bin/view/Main] > > > > [TP-Processor3] INFO .AbstractXWikiMigrationManager > - > > No > > > storage > > > > migration required since current version is [7351] > > > > 2008-05-07 14:17:37,228 > > > > > > [http://192.168.220.128/xwiki/bin/loginsubmit/XWiki/XWikiLogin] > > > > [TP-Processor3] ERROR LDAP.LDAPAuthServiceImpl > - > > LDAP Bind > > > > failed with Exception Invalid Credentials > > > > 2008-05-07 14:20:29,787 > > > [http://192.168.220.128/xwiki/bin/view/Main] > > > > [TP-Processor3] INFO .AbstractXWikiMigrationManager > - > > No > > > storage > > > > migration required since current version is [7351] > > > > 2008-05-07 14:25:32,020 [index updating thread] > > [Thread-20] ERROR > > > > lucene.IndexUpdater - IOException when > > opening Lucene > > > > Index for writing at > > > > /var/lib/tomcat5/webapps/xwiki/WEB-INF/work/lucene > > > > > > > > > > - > > > > > > > > And from Wireshark it's the same I pasted in a > previous > > mail. I > > > can > > > > add the function sequence watched via Wireshark: > > > > 1) bindRequest() with domainname.surname > > > > 2) bindresponse() - success > > > > 3) searchRequest() with dc=domain, dc=com, > > > > sAMAccountNa
[xwiki-users] redirecting upon login
Hi all, I've a kind of an urgency so, please, accept my apologies if I didn't browse lists and issues looking for a similar doubt. I am in a meeting where I will use XWiki to present some ideas about collaboration driven with a wiki-wiki environment (and XWiki will be presented as the BEST option to create such an environment!). I do need to do a simple thing: I have a document with two versions. One of them can be freely accessed (this is the case http://tinyurl.com/4lc34s) and the second one that is now freely accessible (http://tinyurl.com/6qxhnw) but access must been restricted. Of course I can control this access with users' rights, but how could I forced logged users to go to the second release and not logged users to the first one? The perfect situation would be that active links in http://tinyurl.com/6qxhnw will be only showed when logged (or logged with an granted access user). Any idea will be welcome! Thanks for your help! Cheers, Ricardo -- Ricardo RodrÃguez Your EPEC Network ICT Team ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] Exception on rollback history
Vincent Massol ha scritto: > Hi, > > I think this means you have invalid history revisions. Is this > happening for all pages? > > Thanks > -Vincent > Hi Vincent, thanks for your reply. Yes, it happens for all pages. In XWiki 0.9.8 the rollback worked correctly, now (1.3.2) I got this exception. Maybe I should fix something on DB? Thanks Diego ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
[xwiki-users] Just to clarify
Hi, Why using both velocity and Groovy in Xwiki? Regards, Project trainees. ___ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users