Gunter Leeb wrote: > Hi Ricardo, > > Yes, 1-3. is correct. One of the features that I am proposing in > JIRA-1079 is the (configurable) fallback authentication using the XWiki > DB. >
Fallback authentication works great. Here a typical sequence registered in xwiki.log 12:02:24,625 [http-193.144.34.240-80-1] ERROR thentication.LDAPAuthenticater - Bind to LDAP server failed. 12:02:24,625 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - Trying authentication against XWiki DB 12:02:24,651 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - Finding user egarciarodeja 12:02:24,652 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - Found user egarciarodeja 12:02:24,653 [http-193.144.34.240-80-1] DEBUG thentication.LDAPAuthenticater - XWiki DB login succeeded > My library was developed based on code of the ldap authentication > plug-in from XWiki pre-1.0. I have not followed any changes in XWiki's > ldap plug-in since then. > I am afraid I am not devoting time enough to follow XWiki development, so I am a bit lost. Must I be able to find a LDAP authentication plug-in in XWiki Code Zone? I guess it is bundled in the XWiki distribution? > I have added SSL binding to the LDAP Server later and added the code to > the JIRA issue. > I am using the classes included in ldap.zip dated on May the 29th, 2007. I think the errors I am getting are related with the value of xwiki.authentication.ldap.ssl.keystore parameter. Does this make any sense for you? mire:/home/webmaster/bin # tail -200 xwiki.log | grep SSLException javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) I read in XWIKI-1079 issue: # keystore for certificates / root certificates (default is .keystore in the xwiki-process-users homedirectory) xwiki.authentication.ldap.ssl.keystore=<path_to_ssl_keystore> Please what is the xwiki-process-users homedirectory? > The code checked in the JIRA issue is a suggestion for improvement of > XWiki coming out of the community. It is a plug-in and therefore is > fairly independent from the regular XWiki development and build process. > By referencing xwiki.jar (and novell's ldap jar) you should be able to > compile the sources that I provided. JIRA issue XWIKI-1079 is related with XWIKI-865 by Philippe Marzouk. There is a xwiki-ldap-ssl.patch attached there, but no comments or any further information. I understand this proposal has not been considered and never added to the main distribution. And that your classes keep also out of the main distribution and are only available from the JIRA issue, am I right? Please, Gunter, when a suggestion from the community does become part of the official distribution? Just trying to understand how things are done... > I have also added the class files. > You are corret the last bug fixes I checked in in the mentioned > attachment. > > If you haven't done before, before you go thorough compiling the > plug-in try out the classes. See if you can handle the configuration. > > Regards, > > Gunter > I will try to use your classes, then moved ahead and try to compile the last version. Cheers, Ricardo -- Ricardo RodrÃguez Your XEN ICT Team _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users