Changes for page User Authentication

Last modified by Thomas Mortagne on 2023/04/28
<
From version < 1.16 >
edited by ShawnLauzon
on 2007/06/15
To version < 1.19 >
edited by jmcettrick
on 2007/07/03
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.ShawnLauzon
1 +XWiki.jmcettrick
Content
... ... @@ -1,6 +1,6 @@
1 1  1 User Authentication
2 2  
3 -XWiki supports different authentication mechanisms for authenticating users:
3 +XWiki supports several different authentication mechanisms for authenticating users:
4 4  #toc("" "" "")
5 5  
6 6  The form authentication is the default mechanism.
... ... @@ -67,7 +67,32 @@
67 67   - *ldap_UID_attr*: sAMAccountName
68 68   - *ldap_fields_mapping*: name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,mail=mail,ldap_dn=dn
69 69  
70 +Example:
71 +{code}
72 +xwiki.authentication.ldap=1
73 +xwiki.authentication.ldap.authclass=com.xpn.xwiki.user.impl.LDAP.LDAPAuthServiceImpl
74 +xwiki.authentication.ldap.server=adserver
75 +xwiki.authentication.ldap.check_level=1
76 +xwiki.authentication.ldap.port=389
77 +xwiki.authentication.ldap.base_DN=dc=subdomain,dc=domain,dc=suffix
78 +xwiki.authentication.ldap.bind_DN=subdomain\\{0}
79 +xwiki.authentication.ldap.bind_pass={1}
80 +xwiki.authentication.ldap.UID_attr=sAMAccountName
81 +xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,mail=mail,ldap_dn=dn
82 +{code}
70 70  
84 +The bind_DN and bind_pass fields contain the username and password for binding to the LDAP server in order to search, which will not necessarily be the same credentials as the user logging in.
85 +
86 +
87 +The exact details of this configuration will vary based on your server configuration. It may not be necessary to prefix the username (represented by {0}) with the subdomain.
88 +
89 +For testing purposes, you may wish to omit the "ldap.fields_mapping" field, to test the authentication first, and then add it later to get the mappings right.
90 +
91 +This java client, [LDAP Browser/Editor > http://www-unix.mcs.anl.gov/~gawor/ldap/] is a handy tool for checking your configuration.
92 +
93 +
94 +
95 +
71 71  1.1 eXo Authentication
72 72  
73 73  The eXo authentication is used automatically by adding/editing the ~~xwiki.exo=1~~ property in ~~WEB-INF/xwiki.cfg~~.
... ... @@ -97,14 +97,14 @@
97 97  cookiedomains | Yes | String | Server host name | Which host(s) should your cookies be sent to; use only if you want to share cookies across domains, otherwise should be commented out
98 98  cookielife | Yes | Number | 14 | Number of days cookies take to expire
99 99  cookiepath | Yes | String | / | The webapp path that XWiki cookies should be sent to; if you have anything else running on your web server, this should be set to ~~/xwiki~~
100 -default_page | Yes | String | /bin/view/Main/WebHome | Page to redirect to if xredirect parameter is not set
125 +default_page | Yes | String | /bin/view/ Main/WebHome | Page to redirect to if xredirect parameter is not set
101 101  encryptionalgorithm | Yes | ? | ? | Set the Encryption Algorithm used to encrypt and decrypt cookies
102 102  encryptionmode | Yes | ? | ? | Set the Encryption Mode used to encrypt and decrypt cookies
103 103  encryptionpadding | Yes | ? | ? | Set the Encryption Padding used to encrypt and decrypt cookies
104 -errorpage | Yes | String | /bin/loginerror/XWiki/XWikiLogin | Page to redirect to if there is an error logging in
105 -loginpage | Yes | String | /bin/login/XWiki/XWikiLogin | Page to redirect to when not logged in
106 -loginsubmitpage | Yes | String | /loginsubmit/XWiki/XWikiLogin | ?
107 -logoutpage | Yes | String | /bin/logout/XWiki/XWikiLogout | Page to redirect to after logged out
129 +errorpage | Yes | String | /bin/loginerror/ XWiki/XWikiLogin | Page to redirect to if there is an error logging in
130 +loginpage | Yes | String | /bin/login/ XWiki/XWikiLogin | Page to redirect to when not logged in
131 +loginsubmitpage | Yes | String | /loginsubmit/ XWiki/XWikiLogin | ?
132 +logoutpage | Yes | String | /bin/logout/ XWiki/XWikiLogout | Page to redirect to after logged out
108 108  realname | Yes | String | XWiki | Sets the realm name (should be ~~realmname~~???)
109 109  protection | Yes | all, validation, encryption, none | all | Protection level for the "remember me" cookie functionality
110 110  unauthorized_code | Yes | ? | ? | ?
... ... @@ -113,3 +113,5 @@
113 113  # Only required if protection = encryption or all (default)
114 114  # Only required if protection = validation or all (default)
115 115  
141 +
142 +

About

About

Support

Platform

User Guide

Admin Guide

Developer Guide

Projects

XWiki

Extensions

Other

Contribute

Status

Practices

Under the Hood

Get Involved

Get Connected