Quantcast

LDAP Authentication extension config

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

LDAP Authentication extension config

Douglas Landau
Hi,

Another dumb question, apologies in advance.
I'm running Tomcat 9.0 + mysql 5.7 + XWiki 8.4.3 installed from WAR.
I installed the LDAP authentication thru the extensions manager, at least I think I did, but don't see the installed package files anywhere.  Nor do I see anything about it in the GUI.  Except in the extensions manager, that it was installed to Farm.  

This page:
http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HGenericLDAPconfiguration
says to edit your xwiki.cfg as follows.  But I don't see the lines below in my xwiki.cfg.  I am supposed to add them, I guess?  Or was there some step I was supposed to take to get me from "Installed on Farm" to "Installed on Xwiki" ?

Thanks!
Doug



 Generic LDAP configuration
In order to enable the LDAP support you have to change the authentication method in WEB-INF/xwiki.cfg as follows:

#-# LDAP authentication service
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl

#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap=1
You can setup the LDAP configuration in the xwiki.cfg file by filling the following properties:

#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap=1

#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
#-# The default host is localhost
xwiki.authentication.ldap.server=localhost
#-# The default port is 389 (636 if xwiki.authentication.ldap.ssl is enabled)
# xwiki.authentication.ldap.port=389

#-# LDAP credentials, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the user name, {1} with the password
xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
xwiki.authentication.ldap.bind_pass={1}




-----Original Message-----
From: users [mailto:[hidden email]] On Behalf Of Douglas Landau
Sent: Monday, March 06, 2017 1:44 PM
To: XWiki Users
Subject: Re: [xwiki-users] Stopping Xwiki-8.4.3/Tomcat-9.0 and integrating with systemctl


>Port in <server> property is a Tomcat system port used for shutdown, it should not be confused with a port Tomcat service connector listens on (client connection port like 80, 8080, 443 etc). So changing it to 8080 is not what you should've done, I think.

Thanks.  I changed it back to 8005.  But when I start up it is still not listening on 8005, and so the shutdown script does not work.  What have I overlooked/do I have to do to enable port 8005 shutdown?

Thanks
Doug


The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged

information.  It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are

hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited.

If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original

message. To reply to our email administrator directly, please send an email to [hidden email].

The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged
information.  It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are
hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited.
If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original
message. To reply to our email administrator directly, please send an email to [hidden email].
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: LDAP Authentication extension config

Richter, Tobias


Hi Doug - you have to fill in additional lines! It is this:

xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl

OR this:


xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl

With a test installation it worked without this line:

xwiki.authentication.ldap=1

The authentication line was not added after installing the LDAP packages.... (It works so far :- ) ) If you need a copy of the cfg file please write.


Cheers ,

Toby
Hi,

Another dumb question, apologies in advance.
I'm running Tomcat 9.0 + mysql 5.7 + XWiki 8.4.3 installed from WAR.
I installed the LDAP authentication thru the extensions manager, at least I think I did, but don't see the installed package files anywhere.  Nor do I see anything about it in the GUI.  Except in the extensions manager, that it was installed to Farm.  

This page:
http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HGenericLDAPconfiguration
says to edit your xwiki.cfg as follows.  But I don't see the lines below in my xwiki.cfg.  I am supposed to add them, I guess?  Or was there some step I was supposed to take to get me from "Installed on Farm" to "Installed on Xwiki" ?

Thanks!
Doug



 Generic LDAP configuration
In order to enable the LDAP support you have to change the authentication method in WEB-INF/xwiki.cfg as follows:

#-# LDAP authentication service
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl

#-# Turn LDAP authentication on - otherwise only XWiki authentication #-# - 0: disable #-# - 1: enable #-# The default is 0
xwiki.authentication.ldap=1
You can setup the LDAP configuration in the xwiki.cfg file by filling the following properties:

#-# Turn LDAP authentication on - otherwise only XWiki authentication #-# - 0: disable #-# - 1: enable #-# The default is 0
xwiki.authentication.ldap=1

#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.) #-# The default host is localhost xwiki.authentication.ldap.server=localhost
#-# The default port is 389 (636 if xwiki.authentication.ldap.ssl is enabled) # xwiki.authentication.ldap.port=389

#-# LDAP credentials, empty = anonymous access, otherwise specify full dn #-# {0} is replaced with the user name, {1} with the password xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
xwiki.authentication.ldap.bind_pass={1}




-----Original Message-----
From: users [mailto:[hidden email]] On Behalf Of Douglas Landau
Sent: Monday, March 06, 2017 1:44 PM
To: XWiki Users
Subject: Re: [xwiki-users] Stopping Xwiki-8.4.3/Tomcat-9.0 and integrating with systemctl


>Port in <server> property is a Tomcat system port used for shutdown, it should not be confused with a port Tomcat service connector listens on (client connection port like 80, 8080, 443 etc). So changing it to 8080 is not what you should've done, I think.

Thanks.  I changed it back to 8005.  But when I start up it is still not listening on 8005, and so the shutdown script does not work.  What have I overlooked/do I have to do to enable port 8005 shutdown?

Thanks
Doug


The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged

information.  It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are

hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited.

If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original

message. To reply to our email administrator directly, please send an email to [hidden email].

The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged information.  It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To reply to our email administrator directly, please send an email to [hidden email].
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: LDAP Authentication extension config

Thomas Mortagne
Administrator
In reply to this post by Douglas Landau
On Tue, Mar 7, 2017 at 1:36 AM, Douglas Landau <[hidden email]> wrote:
> Hi,
>
> Another dumb question, apologies in advance.
> I'm running Tomcat 9.0 + mysql 5.7 + XWiki 8.4.3 installed from WAR.
> I installed the LDAP authentication thru the extensions manager, at least I think I did, but don't see the installed package files anywhere.  Nor do I see anything about it in the GUI.  Except in the extensions manager, that it was installed to Farm.
>
> This page:
> http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HGenericLDAPconfiguration
> says to edit your xwiki.cfg as follows.  But I don't see the lines below in my xwiki.cfg.  I am supposed to add them, I guess?  Or was there some step I was supposed to take to get me from "Installed on Farm" to "Installed on Xwiki" ?

Yes LDAP authenticator is an extension so its configuration is not
part of the default xwiki.cfg file. The simplest is to copy/paste the
configuration you have on
http://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HGenericLDAPconfiguration/

Alternatively you can use the LDAP Application which install an UI
(but it's missing a few advanced options) to configure LDAP in the
administration. Note that as indicated you will still need to set the
authenticator to be the LDAP one in xwiki.cfg.


>
> Thanks!
> Doug
>
>
>
>  Generic LDAP configuration
> In order to enable the LDAP support you have to change the authentication method in WEB-INF/xwiki.cfg as follows:
>
> #-# LDAP authentication service
> xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
>
> #-# Turn LDAP authentication on - otherwise only XWiki authentication
> #-# - 0: disable
> #-# - 1: enable
> #-# The default is 0
> xwiki.authentication.ldap=1
> You can setup the LDAP configuration in the xwiki.cfg file by filling the following properties:
>
> #-# Turn LDAP authentication on - otherwise only XWiki authentication
> #-# - 0: disable
> #-# - 1: enable
> #-# The default is 0
> xwiki.authentication.ldap=1
>
> #-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
> #-# The default host is localhost
> xwiki.authentication.ldap.server=localhost
> #-# The default port is 389 (636 if xwiki.authentication.ldap.ssl is enabled)
> # xwiki.authentication.ldap.port=389
>
> #-# LDAP credentials, empty = anonymous access, otherwise specify full dn
> #-# {0} is replaced with the user name, {1} with the password
> xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
> xwiki.authentication.ldap.bind_pass={1}
>
>
>
>
> -----Original Message-----
> From: users [mailto:[hidden email]] On Behalf Of Douglas Landau
> Sent: Monday, March 06, 2017 1:44 PM
> To: XWiki Users
> Subject: Re: [xwiki-users] Stopping Xwiki-8.4.3/Tomcat-9.0 and integrating with systemctl
>
>
>>Port in <server> property is a Tomcat system port used for shutdown, it should not be confused with a port Tomcat service connector listens on (client connection port like 80, 8080, 443 etc). So changing it to 8080 is not what you should've done, I think.
>
> Thanks.  I changed it back to 8005.  But when I start up it is still not listening on 8005, and so the shutdown script does not work.  What have I overlooked/do I have to do to enable port 8005 shutdown?
>
> Thanks
> Doug
>
>
> The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged
>
> information.  It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are
>
> hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited.
>
> If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original
>
> message. To reply to our email administrator directly, please send an email to [hidden email].
>
> The information contained in this transmission may contain West Marine proprietary, confidential and/or privileged
>
> information.  It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are
>
> hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited.
>
> If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original
>
> message. To reply to our email administrator directly, please send an email to [hidden email].



--
Thomas Mortagne
Loading...