Changes for page XWiki Product Feedback
Last modified by Vincent Massol on 2024/04/02
From version 39.1
edited by Thomas Mortagne
on 2016/11/30
on 2016/11/30
Change comment:
There is no comment for this version
To version 40.1
edited by Thomas Mortagne
on 2016/11/30
on 2016/11/30
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -4,7 +4,7 @@ 4 4 > Most enterprises (and even smaller organizations) use some kind of directory service for user authentication and group management (e.g. OpenLDAP, Microsoft Active Directory, Samba). XWiki currently (to my knowledge) supports static mapping between local XWiki Groups and LDAP (security) groups based on Distinguished Name (dn). Maintaining lots of such groups quickly becomes tedious as LDAP groups are created, removed, renamed, and relocated. This has to be kept synchronized with the static configuration within XWiki and is prone to errors. I suggest some kind of automated mechanism for supporting external (security) groups with a configurable key of various data types. As an example, in Active Directory, a possible attribute to use is the "objectGUID" (https://msdn.microsoft.com/en-us/library/ms679021(v=vs.85).aspx) which is a 16-byte value, since it is the same during an object's entire life cycle. That way, role management within XWiki can be centrally managed using already existing tools, aligning management with already established business processes. 5 5 6 6 **Answer from Thomas Mortagne (XWiki Core Dev)**: 7 -> LDAP groups are not only LDAP DNs, you can also use LDAP filters and organization units. So in your case it would some something like ##XWiki.MyXWikiGroup=(objectGUID=someguid)##. See the examples in [[the xwiki.cfg file>>extensions:Extension.LDAP.Authenticator||anchor="HGenericLDAPconfiguration"]].7 +> LDAP groups are not only LDAP DNs, you can also use LDAP filters and organization units. So in your case it would probably be something like ##XWiki.MyXWikiGroup=(objectGUID=someguid)##. See the examples in [[the xwiki.cfg file>>extensions:Extension.LDAP.Authenticator||anchor="HGenericLDAPconfiguration"]]. 8 8 ))) 9 9 * Sent 11/30/2016 6:56:27:((( 10 10 > Your official xwiki side is for me the reference. I can see several useful UI components there which I do not know how to reuse/build in my xwiki project. I’d like to have some kind of “showroom” where we can see list of available components and example how to build it.
