[Moin-user] authenticating from multiple sources
Thomas Waldmann
tw-public at gmx.de
Sat Sep 5 07:22:25 EDT 2009
Hi Rick,
> I'm trying to get a wiki configured that will allow multiple
> authentication methods. According to HelpOnAuthentication, this
> should be possible by combining multiple auths.
It should be, but especially ldap auth is maybe not flexible enough and
defaults to a rather "authoritative" behaviour: if it tells "no", it is
"no".
Changing this needs thinking through different scenarios, like:
* mixing ldap and other authenticators
* mixing different ldap authenticators
* having multiple ldap authenticators with same content (like pdc, bdc)
The problem is that I personally don't use ldap auth and have no test
environment, thus well-tested improvements are very welcome.
> When I merge the two, the standard auth users are no longer able to
> log in. The LDAP users get an "Invalid username or password" error,
> BUT does successfully log in (they're able to click the "clear
> message" link and continue just fine).
That is because you use it as last authenticator, the authenticator that
ran before it already created a user object.
> givenname_attribute=None,
> surname_attribute=None,
> aliasname_attribute=None,
> email_attribute=None,
You maybe want to use some of these, so it creates/updates user profile
with the data from ldap.
> tls_cacertdir='',
> tls_cacertfile='',
> tls_certfile='',
> tls_keyfile='',
Look there: http://hg.moinmo.in/moin/1.8/rev/e42fc41f71a4
Cheers,
Thomas
More information about the Moin-user
mailing list