incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Jaquith <andrew.r.jaqu...@gmail.com>
Subject Re: Visual LDAP user name
Date Sat, 24 Oct 2009 15:12:27 GMT
JSPWiki 3.0 trunk already has an LdapUserDatabase and LdapAuthorizer,
which means that it can obtain user profiles on a read-only basis from
LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
users will be "provisioned" in JSPWiki automatically. This should
solve the user-experience problem you described.

The upcoming 3.0 LDAP features have been developed and tested with
Active Directory and OpenLDAP. It is configured via the GUI at
install-time.

With respect to permissions and group memberships: these are good
suggestions. We still have some work to do for the GUI for ACLs for
3.0. I agree that we should be validating user names when users create
the ACLs. Same for adding users to groups. These suggestions will be
incorporated into how the ACL GUIs work -- likely via AJAX in
real-time.

Andrew

On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te@zama.org> wrote:
> The group and permission system in the jspwiki is rather dynamic, and ldaps
> tends to be readonly except for a groups of administrators. There for there
> is still need for the user.xml and group.xml. But in my opinion the user.xml
> needs to be automatically updated when a new ldap user is logged in.
>
> Otherwise granting and managing jspwiki permissions i a nightmare, this also
> enhanced since there is no check on if a user exist - when adding users to
> wiki group or setting a page permission.
>
> I think the following should be changed.
>
> - First time a new user is logged in - the user should be added to the the
> user.xml and redirect to the profile page for setting additional information
> (email, full name and section edition etc)
>
> - Adding page permission should lookup if the group or the user exist.
>
> - Adding users to a wiki group should only be possible for existing users.
>
> /Thomas
>
>
> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>
>> Why allow people to eliminate the user.xml?
>>
>> Why not allow the use of LDAP for the user profile?
>>
>> Allow mapping the LDAP attributes to the profile values?
>>
>> Enterprises have no desire to maintain another separate user store of
>> information. Many already have a central LDAP store.
>>
>> -jim
>> Jim Willeke
>>
>>
>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te@zama.org> wrote:
>>
>>> I would suggest a change, if a ldap user is logging the first time.  the
>>> Wiki should create the user in the user.xml - it gives a lot of problem
>>> when
>>> adding a ldap user to a wiki group, since it possible that the user isn't
>>> created.
>>>
>>>
>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>
>>> If a user creates a user profile after logging into the container, he or
>>>>
>>>> she will have an opportunity to specify a "full name." If a full name is
>>>> supplied, it will be used in page histories etc from that point forward.
>>>>
>>>> Andrew
>>>>
>>>> On Oct 22, 2009, at 16:34, Harald Krammer <Harald.Krammer@hkr.at> wrote:
>>>>
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>
>>>>> Hash: SHA256
>>>>>
>>>>> Hello,
>>>>> I run JSPWiki with Web Container Authentication via LDAP and it runs
>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>>>
>>>>> Only the visualization of real user name is still missing. I get only
>>>>> the login name (short name) instead of the full name in the change
>>>>> history and so on.  Is it a default behaviour or misconfiguration?
>>>>>
>>>>> Nice greetings,
>>>>> Harald
>>>>>
>>>>> - --
>>>>>
>>>>> Harald Krammer
>>>>> Brucknerstrasse 33
>>>>> A - 4020  Linz
>>>>> AUSTRIA
>>>>>
>>>>> Mobil +43.(0) 664. 130 59 58
>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>> -----BEGIN PGP SIGNATURE-----
>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>
>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>> =Kd7Y
>>>>> -----END PGP SIGNATURE-----
>>>>>
>>>>
>>>
>
>

Mime
View raw message