Visual LDAP user name

[Harald Krammer <Ha...@hkr.at>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,
I run JSPWiki with Web Container Authentication via LDAP and it runs
fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).

Only the visualization of real user name is still missing. I get only
the login name (short name) instead of the full name in the change
history and so on.  Is it a default behaviour or misconfiguration?

Nice greetings,
Harald

- --

Harald Krammer
Brucknerstrasse 33
A - 4020  Linz
AUSTRIA

Mobil +43.(0) 664. 130 59 58
Mail: Harald.Krammer (at) hkr.at
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
=Kd7Y
-----END PGP SIGNATURE-----

Re: Visual LDAP user name

[Andrew Jaquith <an...@gmail.com>]

...you check out the trunk and look at the javadocs, which are  
extremely well-documented.

Sorry my reply came as a serialization... I did it one-handed on the  
iPhone and fat-fingered TWICE.

Andrew

On Oct 25, 2009, at 7:10, Andrew Jaquith <an...@gmail.com>  
wrote:

> Sorry-- I fat-fingered the send button!
>
> Anyhow, with the LdapUserDatabase you won't need to provision or  
> deprovision because everything will be in LDAP. We will keep some  
> data locally (user prefs) but that's it.
>
> At this point, if you still have concerns I'd recommend yo
>
> On Oct 25, 2009, at 7:04, Andrew Jaquith   
> <an...@gmail.com> wrote:
>
>> I should not have used the magic word "provision" in my last post.  
>> The important concept is that when the LdapUserDatabase is used,  
>> LDAP *is* the user database
>>
>> On Oct 25, 2009, at 6:38, Jim Willeke <ji...@willeke.com> wrote:
>>
>>> But what about de-provisioning users?
>>>
>>> The issue with putting users in yet another database in the  
>>> enterprise world
>>> central provisioning, de-provisioning and RBAC are the strategic  
>>> directions
>>> with no desire to mange users in remote stores.
>>>
>>> And why would someone want to put in information into the WIKI  
>>> when it is
>>> already been add to the user in LDAP via the enterprise portal?
>>>
>>> I will agree the local "groups" concept is necessary, but it  
>>> should be an
>>> agumnetation to container managed security that most enterprises  
>>> would
>>> utilize.
>>>
>>> So users in the role (perhaps by department) "Sales" would always  
>>> be able to
>>> view any pages with "Sales":
>>>
>>> Then the local "groups" would be done to perform "teaming"  
>>> arrangements as
>>> would be done in a project that would cross departmental lines.
>>>
>>> -jim
>>> Jim Willeke
>>>
>>>
>>> On Sat, Oct 24, 2009 at 11:12 AM, Andrew Jaquith <andrew.r.jaquith@gmail.com
>>>> wrote:
>>>
>>>> JSPWiki 3.0 trunk already has an LdapUserDatabase and  
>>>> LdapAuthorizer,
>>>> which means that it can obtain user profiles on a read-only basis  
>>>> from
>>>> LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
>>>> users will be "provisioned" in JSPWiki automatically. This should
>>>> solve the user-experience problem you described.
>>>>
>>>> The upcoming 3.0 LDAP features have been developed and tested with
>>>> Active Directory and OpenLDAP. It is configured via the GUI at
>>>> install-time.
>>>>
>>>> With respect to permissions and group memberships: these are good
>>>> suggestions. We still have some work to do for the GUI for ACLs for
>>>> 3.0. I agree that we should be validating user names when users  
>>>> create
>>>> the ACLs. Same for adding users to groups. These suggestions will  
>>>> be
>>>> incorporated into how the ACL GUIs work -- likely via AJAX in
>>>> real-time.
>>>>
>>>> Andrew
>>>>
>>>> On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt  
>>>> <te...@zama.org> wrote:
>>>>> The group and permission system in the jspwiki is rather  
>>>>> dynamic, and
>>>> ldaps
>>>>> tends to be readonly except for a groups of administrators.  
>>>>> There for
>>>> there
>>>>> is still need for the user.xml and group.xml. But in my opinion  
>>>>> the
>>>> user.xml
>>>>> needs to be automatically updated when a new ldap user is logged  
>>>>> in.
>>>>>
>>>>> Otherwise granting and managing jspwiki permissions i a  
>>>>> nightmare, this
>>>> also
>>>>> enhanced since there is no check on if a user exist - when  
>>>>> adding users
>>>> to
>>>>> wiki group or setting a page permission.
>>>>>
>>>>> I think the following should be changed.
>>>>>
>>>>> - First time a new user is logged in - the user should be added  
>>>>> to the
>>>> the
>>>>> user.xml and redirect to the profile page for setting additional
>>>> information
>>>>> (email, full name and section edition etc)
>>>>>
>>>>> - Adding page permission should lookup if the group or the user  
>>>>> exist.
>>>>>
>>>>> - Adding users to a wiki group should only be possible for  
>>>>> existing
>>>> users.
>>>>>
>>>>> /Thomas
>>>>>
>>>>>
>>>>> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>>>>>
>>>>>> Why allow people to eliminate the user.xml?
>>>>>>
>>>>>> Why not allow the use of LDAP for the user profile?
>>>>>>
>>>>>> Allow mapping the LDAP attributes to the profile values?
>>>>>>
>>>>>> Enterprises have no desire to maintain another separate user  
>>>>>> store of
>>>>>> information. Many already have a central LDAP store.
>>>>>>
>>>>>> -jim
>>>>>> Jim Willeke
>>>>>>
>>>>>>
>>>>>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt  
>>>>>> <te...@zama.org>
>>>> wrote:
>>>>>>
>>>>>>> I would suggest a change, if a ldap user is logging the first  
>>>>>>> time.
>>>> the
>>>>>>> Wiki should create the user in the user.xml - it gives a lot  
>>>>>>> of problem
>>>>>>> when
>>>>>>> adding a ldap user to a wiki group, since it possible that the  
>>>>>>> user
>>>> isn't
>>>>>>> created.
>>>>>>>
>>>>>>>
>>>>>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>>>>>
>>>>>>> If a user creates a user profile after logging into the  
>>>>>>> container, he
>>>> or
>>>>>>>>
>>>>>>>> she will have an opportunity to specify a "full name." If a  
>>>>>>>> full name
>>>> is
>>>>>>>> supplied, it will be used in page histories etc from that point
>>>> forward.
>>>>>>>>
>>>>>>>> Andrew
>>>>>>>>
>>>>>>>> On Oct 22, 2009, at 16:34, Harald Krammer <Harald.Krammer@hkr.at 
>>>>>>>> >
>>>> wrote:
>>>>>>>>
>>>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>>>>
>>>>>>>>> Hash: SHA256
>>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>> I run JSPWiki with Web Container Authentication via LDAP and  
>>>>>>>>> it runs
>>>>>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK  
>>>>>>>>> 6).
>>>>>>>>>
>>>>>>>>> Only the visualization of real user name is still missing. I  
>>>>>>>>> get only
>>>>>>>>> the login name (short name) instead of the full name in the  
>>>>>>>>> change
>>>>>>>>> history and so on.  Is it a default behaviour or  
>>>>>>>>> misconfiguration?
>>>>>>>>>
>>>>>>>>> Nice greetings,
>>>>>>>>> Harald
>>>>>>>>>
>>>>>>>>> - --
>>>>>>>>>
>>>>>>>>> Harald Krammer
>>>>>>>>> Brucknerstrasse 33
>>>>>>>>> A - 4020  Linz
>>>>>>>>> AUSTRIA
>>>>>>>>>
>>>>>>>>> Mobil +43.(0) 664. 130 59 58
>>>>>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>>>>>
>>>>>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/ 
>>>>>>>>> HrqMiWfZ
>>>>>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>>>>>> =Kd7Y
>>>>>>>>> -----END PGP SIGNATURE-----
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>>

Re: Visual LDAP user name

[Andrew Jaquith <an...@gmail.com>]

Sorry-- I fat-fingered the send button!

Anyhow, with the LdapUserDatabase you won't need to provision or  
deprovision because everything will be in LDAP. We will keep some data  
locally (user prefs) but that's it.

At this point, if you still have concerns I'd recommend yo

On Oct 25, 2009, at 7:04, Andrew Jaquith  <an...@gmail.com>  
wrote:

> I should not have used the magic word "provision" in my last post.  
> The important concept is that when the LdapUserDatabase is used,  
> LDAP *is* the user database
>
> On Oct 25, 2009, at 6:38, Jim Willeke <ji...@willeke.com> wrote:
>
>> But what about de-provisioning users?
>>
>> The issue with putting users in yet another database in the  
>> enterprise world
>> central provisioning, de-provisioning and RBAC are the strategic  
>> directions
>> with no desire to mange users in remote stores.
>>
>> And why would someone want to put in information into the WIKI when  
>> it is
>> already been add to the user in LDAP via the enterprise portal?
>>
>> I will agree the local "groups" concept is necessary, but it should  
>> be an
>> agumnetation to container managed security that most enterprises  
>> would
>> utilize.
>>
>> So users in the role (perhaps by department) "Sales" would always  
>> be able to
>> view any pages with "Sales":
>>
>> Then the local "groups" would be done to perform "teaming"  
>> arrangements as
>> would be done in a project that would cross departmental lines.
>>
>> -jim
>> Jim Willeke
>>
>>
>> On Sat, Oct 24, 2009 at 11:12 AM, Andrew Jaquith <andrew.r.jaquith@gmail.com
>>> wrote:
>>
>>> JSPWiki 3.0 trunk already has an LdapUserDatabase and  
>>> LdapAuthorizer,
>>> which means that it can obtain user profiles on a read-only basis  
>>> from
>>> LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
>>> users will be "provisioned" in JSPWiki automatically. This should
>>> solve the user-experience problem you described.
>>>
>>> The upcoming 3.0 LDAP features have been developed and tested with
>>> Active Directory and OpenLDAP. It is configured via the GUI at
>>> install-time.
>>>
>>> With respect to permissions and group memberships: these are good
>>> suggestions. We still have some work to do for the GUI for ACLs for
>>> 3.0. I agree that we should be validating user names when users  
>>> create
>>> the ACLs. Same for adding users to groups. These suggestions will be
>>> incorporated into how the ACL GUIs work -- likely via AJAX in
>>> real-time.
>>>
>>> Andrew
>>>
>>> On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te...@zama.org>  
>>> wrote:
>>>> The group and permission system in the jspwiki is rather dynamic,  
>>>> and
>>> ldaps
>>>> tends to be readonly except for a groups of administrators. There  
>>>> for
>>> there
>>>> is still need for the user.xml and group.xml. But in my opinion the
>>> user.xml
>>>> needs to be automatically updated when a new ldap user is logged  
>>>> in.
>>>>
>>>> Otherwise granting and managing jspwiki permissions i a  
>>>> nightmare, this
>>> also
>>>> enhanced since there is no check on if a user exist - when adding  
>>>> users
>>> to
>>>> wiki group or setting a page permission.
>>>>
>>>> I think the following should be changed.
>>>>
>>>> - First time a new user is logged in - the user should be added  
>>>> to the
>>> the
>>>> user.xml and redirect to the profile page for setting additional
>>> information
>>>> (email, full name and section edition etc)
>>>>
>>>> - Adding page permission should lookup if the group or the user  
>>>> exist.
>>>>
>>>> - Adding users to a wiki group should only be possible for existing
>>> users.
>>>>
>>>> /Thomas
>>>>
>>>>
>>>> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>>>>
>>>>> Why allow people to eliminate the user.xml?
>>>>>
>>>>> Why not allow the use of LDAP for the user profile?
>>>>>
>>>>> Allow mapping the LDAP attributes to the profile values?
>>>>>
>>>>> Enterprises have no desire to maintain another separate user  
>>>>> store of
>>>>> information. Many already have a central LDAP store.
>>>>>
>>>>> -jim
>>>>> Jim Willeke
>>>>>
>>>>>
>>>>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org>
>>> wrote:
>>>>>
>>>>>> I would suggest a change, if a ldap user is logging the first  
>>>>>> time.
>>> the
>>>>>> Wiki should create the user in the user.xml - it gives a lot of  
>>>>>> problem
>>>>>> when
>>>>>> adding a ldap user to a wiki group, since it possible that the  
>>>>>> user
>>> isn't
>>>>>> created.
>>>>>>
>>>>>>
>>>>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>>>>
>>>>>> If a user creates a user profile after logging into the  
>>>>>> container, he
>>> or
>>>>>>>
>>>>>>> she will have an opportunity to specify a "full name." If a  
>>>>>>> full name
>>> is
>>>>>>> supplied, it will be used in page histories etc from that point
>>> forward.
>>>>>>>
>>>>>>> Andrew
>>>>>>>
>>>>>>> On Oct 22, 2009, at 16:34, Harald Krammer  
>>>>>>> <Ha...@hkr.at>
>>> wrote:
>>>>>>>
>>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>>>
>>>>>>>> Hash: SHA256
>>>>>>>>
>>>>>>>> Hello,
>>>>>>>> I run JSPWiki with Web Container Authentication via LDAP and  
>>>>>>>> it runs
>>>>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK  
>>>>>>>> 6).
>>>>>>>>
>>>>>>>> Only the visualization of real user name is still missing. I  
>>>>>>>> get only
>>>>>>>> the login name (short name) instead of the full name in the  
>>>>>>>> change
>>>>>>>> history and so on.  Is it a default behaviour or  
>>>>>>>> misconfiguration?
>>>>>>>>
>>>>>>>> Nice greetings,
>>>>>>>> Harald
>>>>>>>>
>>>>>>>> - --
>>>>>>>>
>>>>>>>> Harald Krammer
>>>>>>>> Brucknerstrasse 33
>>>>>>>> A - 4020  Linz
>>>>>>>> AUSTRIA
>>>>>>>>
>>>>>>>> Mobil +43.(0) 664. 130 59 58
>>>>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>>>>
>>>>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/ 
>>>>>>>> HrqMiWfZ
>>>>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>>>>> =Kd7Y
>>>>>>>> -----END PGP SIGNATURE-----
>>>>>>>>
>>>>>>>
>>>>>>
>>>>
>>>>
>>>

Re: Visual LDAP user name

[Andrew Jaquith <an...@gmail.com>]

I should not have used the magic word "provision" in my last post. The  
important concept is that when the LdapUserDatabase is used, LDAP *is*  
the user database

On Oct 25, 2009, at 6:38, Jim Willeke <ji...@willeke.com> wrote:

> But what about de-provisioning users?
>
> The issue with putting users in yet another database in the  
> enterprise world
> central provisioning, de-provisioning and RBAC are the strategic  
> directions
> with no desire to mange users in remote stores.
>
> And why would someone want to put in information into the WIKI when  
> it is
> already been add to the user in LDAP via the enterprise portal?
>
> I will agree the local "groups" concept is necessary, but it should  
> be an
> agumnetation to container managed security that most enterprises would
> utilize.
>
> So users in the role (perhaps by department) "Sales" would always be  
> able to
> view any pages with "Sales":
>
> Then the local "groups" would be done to perform "teaming"  
> arrangements as
> would be done in a project that would cross departmental lines.
>
> -jim
> Jim Willeke
>
>
> On Sat, Oct 24, 2009 at 11:12 AM, Andrew Jaquith <andrew.r.jaquith@gmail.com
>> wrote:
>
>> JSPWiki 3.0 trunk already has an LdapUserDatabase and LdapAuthorizer,
>> which means that it can obtain user profiles on a read-only basis  
>> from
>> LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
>> users will be "provisioned" in JSPWiki automatically. This should
>> solve the user-experience problem you described.
>>
>> The upcoming 3.0 LDAP features have been developed and tested with
>> Active Directory and OpenLDAP. It is configured via the GUI at
>> install-time.
>>
>> With respect to permissions and group memberships: these are good
>> suggestions. We still have some work to do for the GUI for ACLs for
>> 3.0. I agree that we should be validating user names when users  
>> create
>> the ACLs. Same for adding users to groups. These suggestions will be
>> incorporated into how the ACL GUIs work -- likely via AJAX in
>> real-time.
>>
>> Andrew
>>
>> On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te...@zama.org>  
>> wrote:
>>> The group and permission system in the jspwiki is rather dynamic,  
>>> and
>> ldaps
>>> tends to be readonly except for a groups of administrators. There  
>>> for
>> there
>>> is still need for the user.xml and group.xml. But in my opinion the
>> user.xml
>>> needs to be automatically updated when a new ldap user is logged in.
>>>
>>> Otherwise granting and managing jspwiki permissions i a nightmare,  
>>> this
>> also
>>> enhanced since there is no check on if a user exist - when adding  
>>> users
>> to
>>> wiki group or setting a page permission.
>>>
>>> I think the following should be changed.
>>>
>>> - First time a new user is logged in - the user should be added to  
>>> the
>> the
>>> user.xml and redirect to the profile page for setting additional
>> information
>>> (email, full name and section edition etc)
>>>
>>> - Adding page permission should lookup if the group or the user  
>>> exist.
>>>
>>> - Adding users to a wiki group should only be possible for existing
>> users.
>>>
>>> /Thomas
>>>
>>>
>>> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>>>
>>>> Why allow people to eliminate the user.xml?
>>>>
>>>> Why not allow the use of LDAP for the user profile?
>>>>
>>>> Allow mapping the LDAP attributes to the profile values?
>>>>
>>>> Enterprises have no desire to maintain another separate user  
>>>> store of
>>>> information. Many already have a central LDAP store.
>>>>
>>>> -jim
>>>> Jim Willeke
>>>>
>>>>
>>>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org>
>> wrote:
>>>>
>>>>> I would suggest a change, if a ldap user is logging the first  
>>>>> time.
>> the
>>>>> Wiki should create the user in the user.xml - it gives a lot of  
>>>>> problem
>>>>> when
>>>>> adding a ldap user to a wiki group, since it possible that the  
>>>>> user
>> isn't
>>>>> created.
>>>>>
>>>>>
>>>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>>>
>>>>> If a user creates a user profile after logging into the  
>>>>> container, he
>> or
>>>>>>
>>>>>> she will have an opportunity to specify a "full name." If a  
>>>>>> full name
>> is
>>>>>> supplied, it will be used in page histories etc from that point
>> forward.
>>>>>>
>>>>>> Andrew
>>>>>>
>>>>>> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at>
>> wrote:
>>>>>>
>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>>
>>>>>>> Hash: SHA256
>>>>>>>
>>>>>>> Hello,
>>>>>>> I run JSPWiki with Web Container Authentication via LDAP and  
>>>>>>> it runs
>>>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>>>>>
>>>>>>> Only the visualization of real user name is still missing. I  
>>>>>>> get only
>>>>>>> the login name (short name) instead of the full name in the  
>>>>>>> change
>>>>>>> history and so on.  Is it a default behaviour or  
>>>>>>> misconfiguration?
>>>>>>>
>>>>>>> Nice greetings,
>>>>>>> Harald
>>>>>>>
>>>>>>> - --
>>>>>>>
>>>>>>> Harald Krammer
>>>>>>> Brucknerstrasse 33
>>>>>>> A - 4020  Linz
>>>>>>> AUSTRIA
>>>>>>>
>>>>>>> Mobil +43.(0) 664. 130 59 58
>>>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>>>
>>>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>>>> =Kd7Y
>>>>>>> -----END PGP SIGNATURE-----
>>>>>>>
>>>>>>
>>>>>
>>>
>>>
>>

Re: Visual LDAP user name

[Jim Willeke <ji...@willeke.com>]

But what about de-provisioning users?

The issue with putting users in yet another database in the enterprise world
central provisioning, de-provisioning and RBAC are the strategic directions
with no desire to mange users in remote stores.

And why would someone want to put in information into the WIKI when it is
already been add to the user in LDAP via the enterprise portal?

I will agree the local "groups" concept is necessary, but it should be an
agumnetation to container managed security that most enterprises would
utilize.

So users in the role (perhaps by department) "Sales" would always be able to
view any pages with "Sales":

Then the local "groups" would be done to perform "teaming" arrangements as
would be done in a project that would cross departmental lines.

-jim
Jim Willeke


On Sat, Oct 24, 2009 at 11:12 AM, Andrew Jaquith <andrew.r.jaquith@gmail.com
> wrote:

> JSPWiki 3.0 trunk already has an LdapUserDatabase and LdapAuthorizer,
> which means that it can obtain user profiles on a read-only basis from
> LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
> users will be "provisioned" in JSPWiki automatically. This should
> solve the user-experience problem you described.
>
> The upcoming 3.0 LDAP features have been developed and tested with
> Active Directory and OpenLDAP. It is configured via the GUI at
> install-time.
>
> With respect to permissions and group memberships: these are good
> suggestions. We still have some work to do for the GUI for ACLs for
> 3.0. I agree that we should be validating user names when users create
> the ACLs. Same for adding users to groups. These suggestions will be
> incorporated into how the ACL GUIs work -- likely via AJAX in
> real-time.
>
> Andrew
>
> On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te...@zama.org> wrote:
> > The group and permission system in the jspwiki is rather dynamic, and
> ldaps
> > tends to be readonly except for a groups of administrators. There for
> there
> > is still need for the user.xml and group.xml. But in my opinion the
> user.xml
> > needs to be automatically updated when a new ldap user is logged in.
> >
> > Otherwise granting and managing jspwiki permissions i a nightmare, this
> also
> > enhanced since there is no check on if a user exist - when adding users
> to
> > wiki group or setting a page permission.
> >
> > I think the following should be changed.
> >
> > - First time a new user is logged in - the user should be added to the
> the
> > user.xml and redirect to the profile page for setting additional
> information
> > (email, full name and section edition etc)
> >
> > - Adding page permission should lookup if the group or the user exist.
> >
> > - Adding users to a wiki group should only be possible for existing
> users.
> >
> > /Thomas
> >
> >
> > On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
> >
> >> Why allow people to eliminate the user.xml?
> >>
> >> Why not allow the use of LDAP for the user profile?
> >>
> >> Allow mapping the LDAP attributes to the profile values?
> >>
> >> Enterprises have no desire to maintain another separate user store of
> >> information. Many already have a central LDAP store.
> >>
> >> -jim
> >> Jim Willeke
> >>
> >>
> >> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org>
> wrote:
> >>
> >>> I would suggest a change, if a ldap user is logging the first time.
>  the
> >>> Wiki should create the user in the user.xml - it gives a lot of problem
> >>> when
> >>> adding a ldap user to a wiki group, since it possible that the user
> isn't
> >>> created.
> >>>
> >>>
> >>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
> >>>
> >>> If a user creates a user profile after logging into the container, he
> or
> >>>>
> >>>> she will have an opportunity to specify a "full name." If a full name
> is
> >>>> supplied, it will be used in page histories etc from that point
> forward.
> >>>>
> >>>> Andrew
> >>>>
> >>>> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at>
> wrote:
> >>>>
> >>>> -----BEGIN PGP SIGNED MESSAGE-----
> >>>>>
> >>>>> Hash: SHA256
> >>>>>
> >>>>> Hello,
> >>>>> I run JSPWiki with Web Container Authentication via LDAP and it runs
> >>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
> >>>>>
> >>>>> Only the visualization of real user name is still missing. I get only
> >>>>> the login name (short name) instead of the full name in the change
> >>>>> history and so on.  Is it a default behaviour or misconfiguration?
> >>>>>
> >>>>> Nice greetings,
> >>>>> Harald
> >>>>>
> >>>>> - --
> >>>>>
> >>>>> Harald Krammer
> >>>>> Brucknerstrasse 33
> >>>>> A - 4020  Linz
> >>>>> AUSTRIA
> >>>>>
> >>>>> Mobil +43.(0) 664. 130 59 58
> >>>>> Mail: Harald.Krammer (at) hkr.at
> >>>>> -----BEGIN PGP SIGNATURE-----
> >>>>> Version: GnuPG v1.4.9 (GNU/Linux)
> >>>>>
> >>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
> >>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
> >>>>> =Kd7Y
> >>>>> -----END PGP SIGNATURE-----
> >>>>>
> >>>>
> >>>
> >
> >
>

Re: Visual LDAP user name

[Andrew Jaquith <an...@gmail.com>]

It is still too early. I don't have an estimate of when you can start  
testing. We would Iike to get an alpha out soon, obviously.

On Oct 25, 2009, at 5:30, Harald Krammer <Ha...@hkr.at> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> That sounds interesting.
> It is noted that the trunk is heavily under construction and the  
> code is
> broken. Does it make sense to test current trunk version or is it  
> too early?
>
> Greetings,
> Harald
>
> Andrew Jaquith schrieb:
>> JSPWiki 3.0 trunk already has an LdapUserDatabase and LdapAuthorizer,
>> which means that it can obtain user profiles on a read-only basis  
>> from
>> LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
>> users will be "provisioned" in JSPWiki automatically. This should
>> solve the user-experience problem you described.
>>
>> The upcoming 3.0 LDAP features have been developed and tested with
>> Active Directory and OpenLDAP. It is configured via the GUI at
>> install-time.
>>
>> With respect to permissions and group memberships: these are good
>> suggestions. We still have some work to do for the GUI for ACLs for
>> 3.0. I agree that we should be validating user names when users  
>> create
>> the ACLs. Same for adding users to groups. These suggestions will be
>> incorporated into how the ACL GUIs work -- likely via AJAX in
>> real-time.
>>
>> Andrew
>>
>> On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te...@zama.org>  
>> wrote:
>>> The group and permission system in the jspwiki is rather dynamic,  
>>> and ldaps
>>> tends to be readonly except for a groups of administrators. There  
>>> for there
>>> is still need for the user.xml and group.xml. But in my opinion  
>>> the user.xml
>>> needs to be automatically updated when a new ldap user is logged in.
>>>
>>> Otherwise granting and managing jspwiki permissions i a nightmare,  
>>> this also
>>> enhanced since there is no check on if a user exist - when adding  
>>> users to
>>> wiki group or setting a page permission.
>>>
>>> I think the following should be changed.
>>>
>>> - First time a new user is logged in - the user should be added to  
>>> the the
>>> user.xml and redirect to the profile page for setting additional  
>>> information
>>> (email, full name and section edition etc)
>>>
>>> - Adding page permission should lookup if the group or the user  
>>> exist.
>>>
>>> - Adding users to a wiki group should only be possible for  
>>> existing users.
>>>
>>> /Thomas
>>>
>>>
>>> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>>>
>>>> Why allow people to eliminate the user.xml?
>>>>
>>>> Why not allow the use of LDAP for the user profile?
>>>>
>>>> Allow mapping the LDAP attributes to the profile values?
>>>>
>>>> Enterprises have no desire to maintain another separate user  
>>>> store of
>>>> information. Many already have a central LDAP store.
>>>>
>>>> -jim
>>>> Jim Willeke
>>>>
>>>>
>>>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt  
>>>> <te...@zama.org> wrote:
>>>>
>>>>> I would suggest a change, if a ldap user is logging the first  
>>>>> time.  the
>>>>> Wiki should create the user in the user.xml - it gives a lot of  
>>>>> problem
>>>>> when
>>>>> adding a ldap user to a wiki group, since it possible that the  
>>>>> user isn't
>>>>> created.
>>>>>
>>>>>
>>>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>>>
>>>>> If a user creates a user profile after logging into the  
>>>>> container, he or
>>>>>> she will have an opportunity to specify a "full name." If a  
>>>>>> full name is
>>>>>> supplied, it will be used in page histories etc from that point  
>>>>>> forward.
>>>>>>
>>>>>> Andrew
>>>>>>
>>>>>> On Oct 22, 2009, at 16:34, Harald Krammer  
>>>>>> <Ha...@hkr.at> wrote:
>>>>>>
>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>> Hash: SHA256
>>>>>>>
>>>>>>> Hello,
>>>>>>> I run JSPWiki with Web Container Authentication via LDAP and  
>>>>>>> it runs
>>>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>>>>>
>>>>>>> Only the visualization of real user name is still missing. I  
>>>>>>> get only
>>>>>>> the login name (short name) instead of the full name in the  
>>>>>>> change
>>>>>>> history and so on.  Is it a default behaviour or  
>>>>>>> misconfiguration?
>>>>>>>
>>>>>>> Nice greetings,
>>>>>>> Harald
>>>>>>>
>>>>>>> - --
>>>>>>>
>>>>>>> Harald Krammer
>>>>>>> Brucknerstrasse 33
>>>>>>> A - 4020  Linz
>>>>>>> AUSTRIA
>>>>>>>
>>>>>>> Mobil +43.(0) 664. 130 59 58
>>>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>>>
>>>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>>>> =Kd7Y
>>>>>>> -----END PGP SIGNATURE-----
>>>>>>>
>>>
>>
>
>
> - --
>
> Harald Krammer
> Brucknerstrasse 33
> A - 4020  Linz
> AUSTRIA
>
> Mobil +43.(0) 664. 130 59 58
> Mail: Harald.Krammer (at) hkr.at
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEAREIAAYFAkrkGqEACgkQ9QlAsubHO9vsYACgriH34OZiGCZq6Ac2DayNJnd3
> SKQAni/X1DtibeNEbZKtnzNAe+OHUwt2
> =KwyM
> -----END PGP SIGNATURE-----

Re: Visual LDAP user name

[Harald Krammer <Ha...@hkr.at>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

That sounds interesting.
It is noted that the trunk is heavily under construction and the code is
broken. Does it make sense to test current trunk version or is it too early?

Greetings,
Harald

Andrew Jaquith schrieb:
> JSPWiki 3.0 trunk already has an LdapUserDatabase and LdapAuthorizer,
> which means that it can obtain user profiles on a read-only basis from
> LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
> users will be "provisioned" in JSPWiki automatically. This should
> solve the user-experience problem you described.
> 
> The upcoming 3.0 LDAP features have been developed and tested with
> Active Directory and OpenLDAP. It is configured via the GUI at
> install-time.
> 
> With respect to permissions and group memberships: these are good
> suggestions. We still have some work to do for the GUI for ACLs for
> 3.0. I agree that we should be validating user names when users create
> the ACLs. Same for adding users to groups. These suggestions will be
> incorporated into how the ACL GUIs work -- likely via AJAX in
> real-time.
> 
> Andrew
> 
> On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te...@zama.org> wrote:
>> The group and permission system in the jspwiki is rather dynamic, and ldaps
>> tends to be readonly except for a groups of administrators. There for there
>> is still need for the user.xml and group.xml. But in my opinion the user.xml
>> needs to be automatically updated when a new ldap user is logged in.
>>
>> Otherwise granting and managing jspwiki permissions i a nightmare, this also
>> enhanced since there is no check on if a user exist - when adding users to
>> wiki group or setting a page permission.
>>
>> I think the following should be changed.
>>
>> - First time a new user is logged in - the user should be added to the the
>> user.xml and redirect to the profile page for setting additional information
>> (email, full name and section edition etc)
>>
>> - Adding page permission should lookup if the group or the user exist.
>>
>> - Adding users to a wiki group should only be possible for existing users.
>>
>> /Thomas
>>
>>
>> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>>
>>> Why allow people to eliminate the user.xml?
>>>
>>> Why not allow the use of LDAP for the user profile?
>>>
>>> Allow mapping the LDAP attributes to the profile values?
>>>
>>> Enterprises have no desire to maintain another separate user store of
>>> information. Many already have a central LDAP store.
>>>
>>> -jim
>>> Jim Willeke
>>>
>>>
>>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org> wrote:
>>>
>>>> I would suggest a change, if a ldap user is logging the first time.  the
>>>> Wiki should create the user in the user.xml - it gives a lot of problem
>>>> when
>>>> adding a ldap user to a wiki group, since it possible that the user isn't
>>>> created.
>>>>
>>>>
>>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>>
>>>> If a user creates a user profile after logging into the container, he or
>>>>> she will have an opportunity to specify a "full name." If a full name is
>>>>> supplied, it will be used in page histories etc from that point forward.
>>>>>
>>>>> Andrew
>>>>>
>>>>> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at> wrote:
>>>>>
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>> Hash: SHA256
>>>>>>
>>>>>> Hello,
>>>>>> I run JSPWiki with Web Container Authentication via LDAP and it runs
>>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>>>>
>>>>>> Only the visualization of real user name is still missing. I get only
>>>>>> the login name (short name) instead of the full name in the change
>>>>>> history and so on.  Is it a default behaviour or misconfiguration?
>>>>>>
>>>>>> Nice greetings,
>>>>>> Harald
>>>>>>
>>>>>> - --
>>>>>>
>>>>>> Harald Krammer
>>>>>> Brucknerstrasse 33
>>>>>> A - 4020  Linz
>>>>>> AUSTRIA
>>>>>>
>>>>>> Mobil +43.(0) 664. 130 59 58
>>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>>
>>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>>> =Kd7Y
>>>>>> -----END PGP SIGNATURE-----
>>>>>>
>>
> 


- --

Harald Krammer
Brucknerstrasse 33
A - 4020  Linz
AUSTRIA

Mobil +43.(0) 664. 130 59 58
Mail: Harald.Krammer (at) hkr.at
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEAREIAAYFAkrkGqEACgkQ9QlAsubHO9vsYACgriH34OZiGCZq6Ac2DayNJnd3
SKQAni/X1DtibeNEbZKtnzNAe+OHUwt2
=KwyM
-----END PGP SIGNATURE-----

Re: Visual LDAP user name

[Andrew Jaquith <an...@gmail.com>]

JSPWiki 3.0 trunk already has an LdapUserDatabase and LdapAuthorizer,
which means that it can obtain user profiles on a read-only basis from
LDAP, and obtain roles from LDAP groups. So if you use LDAP, your
users will be "provisioned" in JSPWiki automatically. This should
solve the user-experience problem you described.

The upcoming 3.0 LDAP features have been developed and tested with
Active Directory and OpenLDAP. It is configured via the GUI at
install-time.

With respect to permissions and group memberships: these are good
suggestions. We still have some work to do for the GUI for ACLs for
3.0. I agree that we should be validating user names when users create
the ACLs. Same for adding users to groups. These suggestions will be
incorporated into how the ACL GUIs work -- likely via AJAX in
real-time.

Andrew

On Sat, Oct 24, 2009 at 7:25 AM, Thomas Engelschmidt <te...@zama.org> wrote:
> The group and permission system in the jspwiki is rather dynamic, and ldaps
> tends to be readonly except for a groups of administrators. There for there
> is still need for the user.xml and group.xml. But in my opinion the user.xml
> needs to be automatically updated when a new ldap user is logged in.
>
> Otherwise granting and managing jspwiki permissions i a nightmare, this also
> enhanced since there is no check on if a user exist - when adding users to
> wiki group or setting a page permission.
>
> I think the following should be changed.
>
> - First time a new user is logged in - the user should be added to the the
> user.xml and redirect to the profile page for setting additional information
> (email, full name and section edition etc)
>
> - Adding page permission should lookup if the group or the user exist.
>
> - Adding users to a wiki group should only be possible for existing users.
>
> /Thomas
>
>
> On Oct 24, 2009, at 10:57 , Jim Willeke wrote:
>
>> Why allow people to eliminate the user.xml?
>>
>> Why not allow the use of LDAP for the user profile?
>>
>> Allow mapping the LDAP attributes to the profile values?
>>
>> Enterprises have no desire to maintain another separate user store of
>> information. Many already have a central LDAP store.
>>
>> -jim
>> Jim Willeke
>>
>>
>> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org> wrote:
>>
>>> I would suggest a change, if a ldap user is logging the first time.  the
>>> Wiki should create the user in the user.xml - it gives a lot of problem
>>> when
>>> adding a ldap user to a wiki group, since it possible that the user isn't
>>> created.
>>>
>>>
>>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>>
>>> If a user creates a user profile after logging into the container, he or
>>>>
>>>> she will have an opportunity to specify a "full name." If a full name is
>>>> supplied, it will be used in page histories etc from that point forward.
>>>>
>>>> Andrew
>>>>
>>>> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at> wrote:
>>>>
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>
>>>>> Hash: SHA256
>>>>>
>>>>> Hello,
>>>>> I run JSPWiki with Web Container Authentication via LDAP and it runs
>>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>>>
>>>>> Only the visualization of real user name is still missing. I get only
>>>>> the login name (short name) instead of the full name in the change
>>>>> history and so on.  Is it a default behaviour or misconfiguration?
>>>>>
>>>>> Nice greetings,
>>>>> Harald
>>>>>
>>>>> - --
>>>>>
>>>>> Harald Krammer
>>>>> Brucknerstrasse 33
>>>>> A - 4020  Linz
>>>>> AUSTRIA
>>>>>
>>>>> Mobil +43.(0) 664. 130 59 58
>>>>> Mail: Harald.Krammer (at) hkr.at
>>>>> -----BEGIN PGP SIGNATURE-----
>>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>>
>>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>>> =Kd7Y
>>>>> -----END PGP SIGNATURE-----
>>>>>
>>>>
>>>
>
>

Re: Visual LDAP user name

[Thomas Engelschmidt <te...@zama.org>]

The group and permission system in the jspwiki is rather dynamic, and  
ldaps tends to be readonly except for a groups of administrators.  
There for there is still need for the user.xml and group.xml. But in  
my opinion the user.xml needs to be automatically updated when a new  
ldap user is logged in.

Otherwise granting and managing jspwiki permissions i a nightmare,  
this also enhanced since there is no check on if a user exist - when  
adding users to wiki group or setting a page permission.

I think the following should be changed.

- First time a new user is logged in - the user should be added to the  
the user.xml and redirect to the profile page for setting additional  
information (email, full name and section edition etc)

- Adding page permission should lookup if the group or the user exist.

- Adding users to a wiki group should only be possible for existing  
users.

/Thomas


On Oct 24, 2009, at 10:57 , Jim Willeke wrote:

> Why allow people to eliminate the user.xml?
>
> Why not allow the use of LDAP for the user profile?
>
> Allow mapping the LDAP attributes to the profile values?
>
> Enterprises have no desire to maintain another separate user store of
> information. Many already have a central LDAP store.
>
> -jim
> Jim Willeke
>
>
> On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org>  
> wrote:
>
>> I would suggest a change, if a ldap user is logging the first  
>> time.  the
>> Wiki should create the user in the user.xml - it gives a lot of  
>> problem when
>> adding a ldap user to a wiki group, since it possible that the user  
>> isn't
>> created.
>>
>>
>> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>>
>> If a user creates a user profile after logging into the container,  
>> he or
>>> she will have an opportunity to specify a "full name." If a full  
>>> name is
>>> supplied, it will be used in page histories etc from that point  
>>> forward.
>>>
>>> Andrew
>>>
>>> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at>  
>>> wrote:
>>>
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA256
>>>>
>>>> Hello,
>>>> I run JSPWiki with Web Container Authentication via LDAP and it  
>>>> runs
>>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>>
>>>> Only the visualization of real user name is still missing. I get  
>>>> only
>>>> the login name (short name) instead of the full name in the change
>>>> history and so on.  Is it a default behaviour or misconfiguration?
>>>>
>>>> Nice greetings,
>>>> Harald
>>>>
>>>> - --
>>>>
>>>> Harald Krammer
>>>> Brucknerstrasse 33
>>>> A - 4020  Linz
>>>> AUSTRIA
>>>>
>>>> Mobil +43.(0) 664. 130 59 58
>>>> Mail: Harald.Krammer (at) hkr.at
>>>> -----BEGIN PGP SIGNATURE-----
>>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>>
>>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>>> =Kd7Y
>>>> -----END PGP SIGNATURE-----
>>>>
>>>
>>

Re: Visual LDAP user name

[Jim Willeke <ji...@willeke.com>]

Why allow people to eliminate the user.xml?

Why not allow the use of LDAP for the user profile?

Allow mapping the LDAP attributes to the profile values?

Enterprises have no desire to maintain another separate user store of
information. Many already have a central LDAP store.

-jim
Jim Willeke


On Fri, Oct 23, 2009 at 2:09 PM, Thomas Engelschmidt <te...@zama.org> wrote:

> I would suggest a change, if a ldap user is logging the first time.  the
> Wiki should create the user in the user.xml - it gives a lot of problem when
> adding a ldap user to a wiki group, since it possible that the user isn't
> created.
>
>
> On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:
>
>  If a user creates a user profile after logging into the container, he or
>> she will have an opportunity to specify a "full name." If a full name is
>> supplied, it will be used in page histories etc from that point forward.
>>
>> Andrew
>>
>> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at> wrote:
>>
>>  -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA256
>>>
>>> Hello,
>>> I run JSPWiki with Web Container Authentication via LDAP and it runs
>>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>>
>>> Only the visualization of real user name is still missing. I get only
>>> the login name (short name) instead of the full name in the change
>>> history and so on.  Is it a default behaviour or misconfiguration?
>>>
>>> Nice greetings,
>>> Harald
>>>
>>> - --
>>>
>>> Harald Krammer
>>> Brucknerstrasse 33
>>> A - 4020  Linz
>>> AUSTRIA
>>>
>>> Mobil +43.(0) 664. 130 59 58
>>> Mail: Harald.Krammer (at) hkr.at
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>
>>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>>> =Kd7Y
>>> -----END PGP SIGNATURE-----
>>>
>>
>

Re: Visual LDAP user name

[Thomas Engelschmidt <te...@zama.org>]

I would suggest a change, if a ldap user is logging the first time.   
the Wiki should create the user in the user.xml - it gives a lot of  
problem when adding a ldap user to a wiki group, since it possible  
that the user isn't created.


On Oct 23, 2009, at 00:38 , Andrew Jaquith wrote:

> If a user creates a user profile after logging into the container,  
> he or she will have an opportunity to specify a "full name." If a  
> full name is supplied, it will be used in page histories etc from  
> that point forward.
>
> Andrew
>
> On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at>  
> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Hello,
>> I run JSPWiki with Web Container Authentication via LDAP and it runs
>> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>>
>> Only the visualization of real user name is still missing. I get only
>> the login name (short name) instead of the full name in the change
>> history and so on.  Is it a default behaviour or misconfiguration?
>>
>> Nice greetings,
>> Harald
>>
>> - --
>>
>> Harald Krammer
>> Brucknerstrasse 33
>> A - 4020  Linz
>> AUSTRIA
>>
>> Mobil +43.(0) 664. 130 59 58
>> Mail: Harald.Krammer (at) hkr.at
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>>
>> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
>> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
>> =Kd7Y
>> -----END PGP SIGNATURE-----

Re: Visual LDAP user name

[Andrew Jaquith <an...@gmail.com>]

If a user creates a user profile after logging into the container, he  
or she will have an opportunity to specify a "full name." If a full  
name is supplied, it will be used in page histories etc from that  
point forward.

Andrew

On Oct 22, 2009, at 16:34, Harald Krammer <Ha...@hkr.at> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Hello,
> I run JSPWiki with Web Container Authentication via LDAP and it runs
> fine (JSPWIki 2.8.2, OpenLDAP 2.4.11, Apache 6.0.20, OpenJDK 6).
>
> Only the visualization of real user name is still missing. I get only
> the login name (short name) instead of the full name in the change
> history and so on.  Is it a default behaviour or misconfiguration?
>
> Nice greetings,
> Harald
>
> - --
>
> Harald Krammer
> Brucknerstrasse 33
> A - 4020  Linz
> AUSTRIA
>
> Mobil +43.(0) 664. 130 59 58
> Mail: Harald.Krammer (at) hkr.at
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEAREIAAYFAkrgwegACgkQ9QlAsubHO9vd7QCfT5rEQYRsPUAVvbs/HrqMiWfZ
> w6cAnjEp4FKX+3T3szBwW1n+DbCMd0z0
> =Kd7Y
> -----END PGP SIGNATURE-----