On Tue, Mar 29, 2016 at 4:12 PM, Mark Sack <mark.s...@secti.al.gov.br> wrote: > My bad. I am indeed using the extension > http://extensions.xwiki.org/xwiki/bin/view/Extension/Authenticator+Jasig+CAS > <http://extensions.xwiki.org/xwiki/bin/view/Extension/Authenticator+Jasig+CAS> > I just assumed this extension would be the only choice for CAS > authentication. So I didn't explicitly mention it. > > The CAS server has its own login page (at least in the Ruby implementation > that I am using). That server takes the ID and password entered on the login > page and passes it through to whatever service(s) (LDAP, database, etc.) it > is configured to authenticate against. The real value of CAS is that it > remembers the user's login status and doesn't ask the user to > re-authenticate if he wants to log in to to a different app but already has > a status of logged in. Since CAS is intended to handle login requests from > multiple applications, it isn't really the right place to do a mapping of > user IDs such as that required specifically by xwiki. > > I'll continue to poke around for alternatives but it appears that, since my > programming skills aren't very deep, I'll need to fall back to recreating > the users. > > In the long term, I can see two alternative enhancements to prevent users > from getting into this predicament:
> - remove the restriction that xwiki user IDs cannot contain periods (which I > understand from previous posts is difficult and not on the list of > priorities) The last blockers for this are http://jira.xwiki.org/browse/XWIKI-5149 and http://jira.xwiki.org/browse/XWIKI-5174 as far as I remember but yes nobody is actively working on it.. > - enhance the xwiki Jasig CAS extension to provide a mapping capability > similar to that of LDAPProfileClass (this would depend on the maintainer of > the extension, I suppose). You could create an improvement or new feature issue for this on http://jira.xwiki.org/browse/AUTHCAS to keep track of it since it will probably get lost in the mailing list. > > All of this is just my two cents worth. I can understand why fixing this > issue would not be a high priority since, in any system with a large number > of users, the users would not be created manually as I have done. I also > have the option of setting the system to create users when they first log > in, thus avoiding the problem when adding new users in future. (For now, I > need the database nicely populated to demonstrate its utility to the user > community and can't rely on them all logging in first.) > > Thanks for your help in investigating the issue. > > Regards > Mark > > > > -- > View this message in context: > http://xwiki.475771.n2.nabble.com/Jasig-CAS-authentication-and-users-with-periods-in-the-id-tp7598674p7598696.html > Sent from the XWiki- Users mailing list archive at Nabble.com. > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users -- Thomas Mortagne _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
