<
From version < 34.1 >
edited by Silvia Macovei
on 2010/03/04
To version < 34.2 >
edited by Silvia Macovei
on 2010/03/04
>
Change comment: Fixed Title; Fixed TOC

Summary

Details

Page properties
Title
... ... @@ -1,0 +1,1 @@
1 +User Authentication
Content
... ... @@ -1,8 +3,6 @@
1 -= User Authentication =
2 -
3 3  XWiki supports several different authentication mechanisms for authenticating users:
4 4  
5 -{{toc start="" depth="" numbered=""/}}
3 +{{toc/}}
6 6  
7 7  The form authentication is the default mechanism.
8 8  
... ... @@ -10,17 +10,17 @@
10 10  Note that currently XWiki allows only one method of authentication to be enabled at a time. This will probably be improved in the future.
11 11  {{/info}}
12 12  
13 -== Form Authentication ==
11 += Form Authentication =
14 14  
15 15  TODO
16 16  
17 -== LDAP Authentication ==
15 += LDAP Authentication =
18 18  
19 19  {{warning}}
20 20  New LDAP implementation since XWiki Platform 1.3M2, see [[previous LDAP authentication service documentation>>AuthenticationLdapOld]]
21 21  {{/warning}}
22 22  
23 -=== Generic LDAP configuration ===
21 +== Generic LDAP configuration ==
24 24  
25 25  In order to enable the LDAP support you have to change the authentication method in //WEB-INF/xwiki.cfg// as follows:
26 26  
... ... @@ -95,7 +95,7 @@
95 95  {{/code}}
96 96  
97 97  {{info}}
98 -You can also setup the LDAP configuration in XWiki.XWikiPreferences page by going to the object editor. Simply replace
96 +You can also setup the LDAP configuration in XWiki.XWikiPreferences page by going to the object editor. Simply replace "xwiki.authentication.ldap." by "ldap_". For example ##xwiki.authentication.ldap.base_DN## becomes ##ldap_base_DN##
99 99  {{/info}}
100 100  
101 101  For testing purposes, you may wish to omit the "ldap.fields_mapping" field, to test the authentication first, and then add it later to get the mappings right.
... ... @@ -105,11 +105,11 @@
105 105  * [[Apache Directory Studio>>http://directory.apache.org/studio/]]
106 106  * [[LDAP Browser/Editor>>http://www-unix.mcs.anl.gov/gawor/ldap/]]
107 107  
108 -=== Detailed use cases ===
106 +== Detailed use cases ==
109 109  
110 110  See [[LDAP configuration uses cases>>LDAPAuthenticationUseCases]] for some detailed use cases.
111 111  
112 -=== Enable LDAP debug log ===
110 +== Enable LDAP debug log ==
113 113  
114 114  See [[AdminGuide.Logging]]. The specific targets for LDAP authentication are:
115 115  
... ... @@ -118,11 +118,11 @@
118 118  log4j.logger.com.xpn.xwiki.user.impl.LDAP=debug
119 119  {{/code}}
120 120  
121 -== eXo Authentication ==
119 += eXo Authentication =
122 122  
123 123  The eXo authentication is used automatically by adding/editing the //xwiki.exo=1// property in //WEB-INF/xwiki.cfg//.
124 124  
125 -== Custom Authentication ==
123 += Custom Authentication =
126 126  
127 127  This allows plugging to any existing authentication mechanism such as SiteMinder, etc. To configure a custom authentication do the following:
128 128  
... ... @@ -147,7 +147,7 @@
147 147  xwiki.authentication.groupclass = com.acme.MyCustomGroupService
148 148  {{/code}}
149 149  
150 -=== Custom Authentication using a Groovy script in a wiki page ===
148 +== Custom Authentication using a Groovy script in a wiki page ==
151 151  
152 152  Start by specifying you want to use the Groovy Authenticator:
153 153  
... ... @@ -163,7 +163,7 @@
163 163  
164 164  Then in a wiki page put some Groovy code that returns a XWikiAuthService object.
165 165  
166 -== Authentication parameters ==
164 += Authentication parameters ===
167 167  
168 168  You can set each of these parameters by setting:
169 169  
... ... @@ -193,7 +193,7 @@
193 193  1. Only required if protection = encryption or all (default)
194 194  1. Only required if protection = validation or all (default)
195 195  
196 -== Kerberos SSO Authentication ==
194 += Kerberos SSO Authentication =
197 197  
198 198  {{warning}}
199 199  This implementation of SSO is currently under review see: http://jira.xwiki.org/jira/browse/XWIKI-2496 . The class which is described in this segment of documentation, AppServerTrustedKerberosAuthServiceImpl, is not part of the default XWiki distribution!
... ... @@ -258,7 +258,7 @@
258 258  
259 259  2 JBoss SPNEGO (Kerberos in combination with LDAP) I changed the code of the XWikiLDAPAuthServiceImpl to be able to detect the sso user. The authenication already happend by using the SPNEGO module (JAAS). After that I'm using the ldap synchronisation feature to make sure that the user is up to date. The combination leads to an automatic login in the xwiki and the user rights are controlled in the Active Directory server. I hope you can adopt this code or that you can use it for your own projects.
260 260  
261 -The configuration of ldap;
259 +The configuration of ldap:
262 262  
263 263  {{code}}
264 264  xwiki.authentication.authclass=com.wiki.sso.SSOLdapAuthenicationImpl

Get Connected