Change comment:
Document converted from syntax xwiki/1.0 to syntax xwiki/2.0
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Title
-
... ... @@ -1,1 +1,0 @@ 1 -User Authentication - Content
-
... ... @@ -1,6 +1,8 @@ 1 += User Authentication = 2 + 1 1 XWiki supports several different authentication mechanisms for authenticating users: 2 2 3 -{{toc/}} 5 +{{toc start="" depth="" numbered=""/}} 4 4 5 5 The form authentication is the default mechanism. 6 6 ... ... @@ -8,17 +8,17 @@ 8 8 Note that currently XWiki allows only one method of authentication to be enabled at a time. This will probably be improved in the future. 9 9 {{/info}} 10 10 11 -= Form Authentication = 13 +== Form Authentication == 12 12 13 13 TODO 14 14 15 -= LDAP Authentication = 17 +== LDAP Authentication == 16 16 17 17 {{warning}} 18 18 New LDAP implementation since XWiki Platform 1.3M2, see [[previous LDAP authentication service documentation>>AuthenticationLdapOld]] 19 19 {{/warning}} 20 20 21 -== Generic LDAP configuration == 23 +=== Generic LDAP configuration === 22 22 23 23 In order to enable the LDAP support you have to change the authentication method in //WEB-INF/xwiki.cfg// as follows: 24 24 ... ... @@ -93,7 +93,7 @@ 93 93 {{/code}} 94 94 95 95 {{info}} 96 -You can also setup the LDAP configuration in XWiki.XWikiPreferences page by going to the object editor. Simply replace "xwiki.authentication.ldap." by "ldap_". For example ##xwiki.authentication.ldap.base_DN## becomes ##ldap_base_DN##98 +You can also setup the LDAP configuration in XWiki.XWikiPreferences page by going to the object editor. Simply replace 97 97 {{/info}} 98 98 99 99 For testing purposes, you may wish to omit the "ldap.fields_mapping" field, to test the authentication first, and then add it later to get the mappings right. ... ... @@ -103,11 +103,11 @@ 103 103 * [[Apache Directory Studio>>http://directory.apache.org/studio/]] 104 104 * [[LDAP Browser/Editor>>http://www-unix.mcs.anl.gov/gawor/ldap/]] 105 105 106 -== Detailed use cases == 108 +=== Detailed use cases === 107 107 108 108 See [[LDAP configuration uses cases>>LDAPAuthenticationUseCases]] for some detailed use cases. 109 109 110 -== Enable LDAP debug log == 112 +=== Enable LDAP debug log === 111 111 112 112 See [[AdminGuide.Logging]]. The specific targets for LDAP authentication are: 113 113 ... ... @@ -116,11 +116,11 @@ 116 116 log4j.logger.com.xpn.xwiki.user.impl.LDAP=debug 117 117 {{/code}} 118 118 119 -= eXo Authentication = 121 +== eXo Authentication == 120 120 121 121 The eXo authentication is used automatically by adding/editing the //xwiki.exo=1// property in //WEB-INF/xwiki.cfg//. 122 122 123 -= Custom Authentication = 125 +== Custom Authentication == 124 124 125 125 This allows plugging to any existing authentication mechanism such as SiteMinder, etc. To configure a custom authentication do the following: 126 126 ... ... @@ -145,7 +145,7 @@ 145 145 xwiki.authentication.groupclass = com.acme.MyCustomGroupService 146 146 {{/code}} 147 147 148 -== Custom Authentication using a Groovy script in a wiki page == 150 +=== Custom Authentication using a Groovy script in a wiki page === 149 149 150 150 Start by specifying you want to use the Groovy Authenticator: 151 151 ... ... @@ -161,7 +161,7 @@ 161 161 162 162 Then in a wiki page put some Groovy code that returns a XWikiAuthService object. 163 163 164 -= Authentication parameters == =166 +== Authentication parameters == 165 165 166 166 You can set each of these parameters by setting: 167 167 ... ... @@ -191,7 +191,7 @@ 191 191 1. Only required if protection = encryption or all (default) 192 192 1. Only required if protection = validation or all (default) 193 193 194 -= Kerberos SSO Authentication = 196 +== Kerberos SSO Authentication == 195 195 196 196 {{warning}} 197 197 This implementation of SSO is currently under review see: http://jira.xwiki.org/jira/browse/XWIKI-2496 . The class which is described in this segment of documentation, AppServerTrustedKerberosAuthServiceImpl, is not part of the default XWiki distribution! ... ... @@ -256,7 +256,7 @@ 256 256 257 257 2 JBoss SPNEGO (Kerberos in combination with LDAP) I changed the code of the XWikiLDAPAuthServiceImpl to be able to detect the sso user. The authenication already happend by using the SPNEGO module (JAAS). After that I'm using the ldap synchronisation feature to make sure that the user is up to date. The combination leads to an automatic login in the xwiki and the user rights are controlled in the Active Directory server. I hope you can adopt this code or that you can use it for your own projects. 258 258 259 -The configuration of ldap :261 +The configuration of ldap; 260 260 261 261 {{code}} 262 262 xwiki.authentication.authclass=com.wiki.sso.SSOLdapAuthenicationImpl
