This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Configuration Files For JSPWIKI And LDAP
Configuration Files For JSPWIKI And LDAP

Version management

Difference between version and

At line 1 added 102 lines
!!! Overview
We needed to setup our wiki to use [LDAP] as the [Authentication] source.
The examples below were done on JSPWiki v2.8.4 using Tomcat 6.x.
!! Server.xml
First you must get container security to work by editing the /srv/tomcat/conf/server.xml file.
We used this within the "Engine" element:
{{{
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://192.168.1.4:389"
userBase="ou=people,dc=willeke,dc=com"
userSearch="(cn={0})"
userSubtree="true"
userRoleName="dictcrole"
connectionName="cn=proxy,ou=admin,dc=willeke,dc=com"
connectionPassword="verysecreatpasswordvalue"
/>
}}}
!! WEB.XML Values
Our desire was to force a login for anyone whom wanted to create or edit a page.
Add to the /.../webapps/yourapplication/WEB-INF/web.xml file of your application, the security-constraint directive.
{{{
<!-- REMOVE ME TO ENABLE CONTAINER-MANAGED AUTH -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Administrative Area</web-resource-name>
<url-pattern>/Delete.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
<!-- <user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
-->
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Authenticated area</web-resource-name>
<url-pattern>/Edit.jsp</url-pattern>
<url-pattern>/Comment.jsp</url-pattern>
<url-pattern>/Login.jsp</url-pattern>
<url-pattern>/NewGroup.jsp</url-pattern>
<url-pattern>/Rename.jsp</url-pattern>
<url-pattern>/Upload.jsp</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>HEAD</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<web-resource-collection>
<web-resource-name>Read-only Area</web-resource-name>
<url-pattern>/attach</url-pattern>
<http-method>DELETE</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
<role-name>Authenticated</role-name>
</auth-constraint>
<!-- <user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
-->
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/LoginForm.jsp</form-login-page>
<form-error-page>/LoginForm.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>
This logical role includes all authenticated users
</description>
<role-name>Authenticated</role-name>
</security-role>
<security-role>
<description>
This logical role includes all administrative users
</description>
<role-name>Admin</role-name>
</security-role>
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop