Hello, i am using XWIKI in free with LDAP Authentication.
I searched but i not find how i can use full SSO integration. I want to open my browser on XWIKI page without typing my password. I want automatic SSO.
It is possible with LDAP Authentication ? If no, there is another way ? (If i must pay i can do it)
Thanks
Hi,
it’s possible - we have it like this in our company.
As a starting-point: We do the kerberos-auth using apache (which is also our reverse-proxy) - see this:
https://www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Authentication/#HKerberosSSOAuthentication
(only until the tomcat-connector!)
with this, you can get the actual user as a http-header-variable to the xwiki-application.
And there, you’ll need the LDAP-authenticator:
https://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/
With this, you’ll take this header-variable (search for: xwiki.authentication.ldap.httpHeader=REMOTE_USER)
and do the LDAP-auth to get the ActiveDirectory-Groups etc.
For details, search in this forum or on the other documentation pages. I can’t provide a full setup because of our special environment.
regards
gerd
LDAP authentication is possible with the free LDAP authenticator. That’s just a matter of configuring the LDAP plugin with the correct parameters.
As for configuring it without using a username/password prompt, I didn’t know that was even possible. (Is it even possible?).
On my system, if the users save their credentials with their browser session, they log in automatically after the first time.
I will check this and how we can implement it