[Moin-user] Question of auto create user profile via SSL client certification authentication

R.Bauer rb.proj at gmail.com
Wed Nov 4 10:54:34 EST 2009 

Hi
just before going in details. Do you have installed on your site
moin-1.9rc1?

Because the help page you refer too is for moin-1.9.

cheers
Reimar



jwhuang schrieb:
> Dear All,
> 
> I met some problems with Moin configuration about SSL authentication.
> I have self-signed certificates for my wiki server and users.
> Now I would like to use certificates to do authentication. Here is my
> reference: http://moinmo.in/HelpOnAuthentication
> As the section "SSL client certification authentication" said, I can use
> "autocreate" parameter to create user profile automatically once users pass
> SSL check.
> But it does not work in my wiki server. Could you help me to check my
> configuration if something wrong? Thanks a lot.
> 
> Add two lines at wikiconfig.py:
>     from MoinMoin.auth.sslclientcert import SSLClientCertAuth
>     auth = [SSLClientCertAuth(autocreate=['True'])]
> 
> At http.conf, I did the following configuration:
>     Alias /moin_static184/ "/var/www/mywiki/htdocs/"
>     WSGIScriptAlias /mywiki /var/www/mywiki/moin.wsgi
>     WSGIDaemonProcess mywiki user=apache group=apache processes=5 threads=10
> maximum-requests=1000 umask=0007
>     WSGIProcessGroup mywiki
>     WSGIPassAuthorization On
> 
>     <Location /mywiki>
>         SetHandler python-program
>         # Add the path of your wiki directory
>         PythonPath "['/var/www/mywiki',
> '/usr/local/lib/python2.4/site-packages'] + sys.path"
>         PythonHandler MoinMoin.request.request_modpython::Request.run
>         SSLVerifyClient require
>         SSLUserName SSL_CLIENT_S_DN
>         SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
>                  and %{SSL_CLIENT_S_DN_OU} in {"GRID"})
>     </Location>
> 
> I can access my wiki page with security http and see my DN shown in the
> ssl_sccess.log. But the user profile can not be created automatically.
> Any idea about this? Thanks a lot.
> 
> All the Best.
> Jhen-Wei Huang
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ------------------------------------------------------------------------------
> Come build with us! The BlackBerry(R) Developer Conference in SF, CA
> is the only developer event you need to attend this year. Jumpstart your
> developing skills, take BlackBerry mobile applications to market and stay 
> ahead of the curve. Join us from November 9 - 12, 2009. Register now!
> http://p.sf.net/sfu/devconference
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Moin-user mailing list
> Moin-user at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/moin-user

More information about the Moin-user mailing list