<
From version < 34.2 >
edited by Silvia Macovei
on 2010/03/04
To version < 36.1 >
edited by Thomas Mortagne
on 2010/04/19
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.SilviaRusu
1 +XWiki.ThomasMortagne
Content
... ... @@ -35,61 +35,72 @@
35 35  You can setup the LDAP configuration in the //xwiki.cfg// file by filling the following properties:
36 36  
37 37  {{code language="none"}}
38 -## LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
39 -xwiki.authentication.ldap.server=156.58.101.204
38 +#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
39 +xwiki.authentication.ldap.server=127.0.0.1
40 40  xwiki.authentication.ldap.port=389
41 41  
42 -## LDAP login, empty = anonymous access, otherwise specify full dn
43 -## {0} is replaced with the username, {1} with the password
42 +#-# LDAP login, empty = anonymous access, otherwise specify full dn
43 +#-# {0} is replaced with the username, {1} with the password
44 44  xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
45 45  xwiki.authentication.ldap.bind_pass={1}
46 46  
47 -## Force to check password after LDAP connection
48 -## 0: disable
49 -## 1: enable
47 +#-# Force to check password after LDAP connection
48 +#-# 0: disable
49 +#-# 1: enable
50 50  xwiki.authentication.ldap.validate_password=0
51 51  
52 -## only members of the following group will be verified in the LDAP
53 -## otherwise only users that are found after searching starting from the base_DN
54 -xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US
52 +#-# only members of the following group will be verified in the LDAP
53 +#-# otherwise only users that are found after searching starting from the base_DN
54 +# xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US
55 55  
56 -## only users not member of the following group can autheticate
57 -xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US
56 +#-# only users not member of the following group can autheticate
57 +# xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US
58 58  
59 -## base DN for searches
59 +#-# base DN for searches
60 60  xwiki.authentication.ldap.base_DN=
61 -department=USER,department=INFORMATIK,department=1230,o=MP
62 62  
63 -## specifies the LDAP attribute containing the identifier to be used as the XWiki name (default=cn)
64 -xwiki.authentication.ldap.UID_attr=cn
62 +#-# Specifies the LDAP attribute containing the identifier to be used as the XWiki name (default=cn)
63 +# xwiki.authentication.ldap.UID_attr=cn
65 65  
66 -## retrieve the following fields from LDAP and store them in the XWiki user object (xwiki-attribute=ldap-attribute)
67 -xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail
65 +#-# Specifies the LDAP attribute containing the password to be used "when xwiki.authentication.ldap.validate_password" is set to 1
66 +# xwiki.authentication.ldap.password_field=userPassword
68 68  
69 -# on every login update the mapped attributes from LDAP to XWiki otherwise this happens only once when the XWiki account is created.
68 +#-# The potential LDAP groups classes. Separated by commas.
69 +# xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList
70 +
71 +#-# The potential names of the LDAP groups fields containings the members. Separated by commas.
72 +# xwiki.authentication.ldap.group_memberfields=member,uniqueMember
73 +
74 +#-# retrieve the following fields from LDAP and store them in the XWiki user object (xwiki-attribute=ldap-attribute)
75 +xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
76 +
77 +#-# on every login update the mapped attributes from LDAP to XWiki otherwise this happens only once when the XWiki account is created.
70 70  xwiki.authentication.ldap.update_user=1
71 71  
72 -## maps XWiki groups to LDAP groups, separator is "|"
73 -xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=MegaNova,c=US|\
74 - XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US
80 +#-# mapps XWiki groups to LDAP groups, separator is "|"
81 +# xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=MegaNova,c=US|\
82 +# XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US
75 75  
76 -## time in seconds after which the list of members in a group is refreshed from LDAP (default=3600*6)
77 -xwiki.authentication.ldap.groupcache_expiration=21800
84 +#-# time in s after which the list of members in a group is refreshed from LDAP (default=3600*6)
85 +# xwiki.authentication.ldap.groupcache_expiration=21800
78 78  
79 -## - create : synchronize group membership only when the user is first created
80 -## - always: synchronize on every login
81 -xwiki.authentication.ldap.mode_group_sync=always
87 +#-# - create : synchronize group membership only when the user is first created
88 +#-# - always: synchronize on every login
89 +# xwiki.authentication.ldap.mode_group_sync=always
82 82  
83 -## if ldap authentication fails for any reason, try XWiki DB authentication with the same credentials
91 +#-# if ldap authentication fails for any reason, try XWiki DB authentication with the same credentials
84 84  xwiki.authentication.ldap.trylocal=1
85 85  
86 -## SSL connection to LDAP server
87 -## 0 : normal
88 -## 1 : SSL
89 -xwiki.authentication.ldap.ssl=1
94 +#-# SSL connection to LDAP server
95 +#-# 0: normal
96 +#-# 1: SSL
97 +# xwiki.authentication.ldap.ssl=0
90 90  
91 -## The keystore file to use in SSL connection
92 -xwiki.authentication.ldap.ssl.keystore=
99 +#-# The keystore file to use in SSL connection
100 +# xwiki.authentication.ldap.ssl.keystore=
101 +
102 +#-# The java secure provider used in SSL connection
103 +# xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider
93 93  {{/code}}
94 94  
95 95  {{info}}
... ... @@ -181,11 +181,11 @@
181 181  |encryptionpadding|Yes|?|?|Set the Encryption Padding used to encrypt and decrypt cookies
182 182  |errorpage|Yes|String|/bin/loginerror/ XWiki/XWikiLogin|Page to redirect to if there is an error logging in
183 183  |loginpage|Yes|String|/bin/login/ XWiki/XWikiLogin|Page to redirect to when not logged in
184 -|loginsubmitpage|Yes|String|/loginsubmit/ XWiki/XWikiLogin|?
195 +|loginsubmitpage|Yes|String|/loginsubmit/ XWiki/XWikiLogin|The URL where the username and password are posted to when logging in.
185 185  |logoutpage|Yes|String|/bin/logout/ XWiki/XWikiLogout|Page to redirect to after logged out
186 186  |realmname|Yes|String|XWiki|Sets the realm name
187 187  |protection|Yes|all, validation, encryption, none|all|Protection level for the "remember me" cookie functionality
188 -|unauthorized_code|Yes|?|?|?
199 +|unauthorized_code|Yes|Number|401|The HTTP status code to return when the login has failed.
189 189  |useip|Yes|true / false|true|Specify to use the IP address when encrypting the cookie data; if IP address changes will need to re-login.
190 190  
191 191  1. Only required if protection = encryption or all (default)

Get Connected