jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Gao" <david...@gmail.com>
Subject Re: LDAP groups
Date Thu, 06 Mar 2008 00:59:11 GMT
Hi,

I'm using LDAP (Web container authentication )for JSPWiki in my environment.
I can successfully map LDAP groups (UniqueMember) to JSPWiki roles. The
following is a security policy for this:

grant principal com.ecyrd.jspwiki.auth.authorize.Role "tomcat-admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};

where "tomcat-admin" is a LDAP group.

I would be happy to share more information about this if you just need.

2008/3/6, Milton Taylor <mctozzy@gmail.com>:
>
> At the very least you have to have an LDAP group named
> "Authenticated"...this seems to be a hard-wired expectation of jspwiki.
>
> We need to be careful about terminology here, because jspwiki "groups"
> and "roles" aren't the same thing.  Here we're really talking about the
> jspwiki roles, because they're the things that underly security in
> jspwiki. I'm not sure you can map the standard jspwiki role names to
> (different) LDAP group names. Yes it is possible I think to change the
> default role names as used in the security policy file (and in web.xml
> to match), with the exception of the Authenticated role above.
>
> Andrew J is the expert on this, hopefully he will chime in.
>
>
>
> Ryan L Brissette wrote:
> > Is it possible to connect JSPWiki groups to my existing LDAP groups?  I
> > have already enabled LDAP authentication.
> >
> > Thank you,
> > Ryan Brissette
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message