I installed the “LDAP Application” extension to use LDAP authentication.
I added in /etc/xwiki/xwiki.cfg
the line
xwiki.authentication.authclass = org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
It works very well !
Now, I want to use SSO. That’s what I understood:
implement the com.xpn.xwikiuser.api.XWikiAuthService interface
to create a class like
org.monentrepsrise.xwiki.sso
In /etc/xwiki/xwiki.cfg put
xwiki.authentication.authclass = org.monentrepsrise.xwiki.sso
I do not know enough Java to write the class org.monentrepsrise.xwiki.sso
Do you have a model? What is the simplest method ?
My environment is:
xwiki 11.2 on Debian 9.6
LDAP => OpenLDAP server
SSO => CAS server
Thank you for your advice. The SSO worked with the extension “Authenticator Jasig CAS”
That’s precisely how I did
Configure XWIKI with LDAPe authentication
To do this, install the extension “LDAP Application” and add in /etc/xwiki/xwiki.cfg the line
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
Verify that the LDAP configuration works
Install the extension “Authenticator Jasig CAS”
In /etc/xwiki/xwiki.cfg
replace the line
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
by
"
xwiki.authentication.authclass=org.xwiki.contrib.authentication.cas.XWikiCASAuthenticator
xwiki.authentication.cas.server=https://sso.my_firm.fr
xwiki.authentication.cas.protocol=CAS20
xwiki.authentication.cas.fields_mapping = email=email, first_name=first_name, last_name=last_name
xwiki.authentication.cas.create_user=1
xwiki.authentication.cas.update_user=1
"
it is indicated
(only SAML11) mapping between XWiki user profile values and CAS attributes. Example (xwiki-attribute=cas-attribute,…)
xwiki.authentication.cas.fields_mapping=last_name=lastName,first_name=firstName,email=email
but :
it works with CAS20
it is necessary to mark precisely
last_name=last_name,first_name=first_name,email=email
(the “_” was missing)