[Moin-user] questions about ldap auth
Marco Strullato
marco.strullato at gmail.com
Fri Sep 10 04:23:49 EDT 2010
Hi all,
this is my first time with moin wiki, I've only used mediawiki before...
so, I have some questions:
-the first is how can I set the log level: I see warning and info logs in the
error log of apache: I'd like to have only error logs.
-I'm also trying to set up ldap authentication: this is my configuration file.

from farmconfig import FarmConfig
from MoinMoin.security.antispam import SecurityPolicy
from MoinMoin.security import Permissions

class Config(FarmConfig):
    sitename = u'Wiki' # [Unicode]
    interwikiname = u'Wiki' # [Unicode]
    page_front_page = u"FrontPage"
    data_dir = '/usr/share/moin/wiki/data'
    data_underlay_dir = '/usr/share/moin/wiki/underlay'
    superuser = [u"marco", ]
    acl_rights_before = u"marco:read,write,delete,revert,admin"
    acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read,write"
    acl_rights_after = u"" # most users don't need this
    acl_hierarchic = False # True to use hierarchical ACLs
    unzip_single_file_size = 2.0 * 1000 ** 2
    unzip_attachments_space = 200.0 * 1000 ** 2
    unzip_attachments_count = 101 # 1 zip file + 100 files contained in it
    textchas = None # a data structure with site-specific questions/answers
    textchas_disabled_group = None # e.g. u'NoTextChasGroup' if you are a member of this group, you don't get textchas

    from MoinMoin.auth.ldap_login import LDAPAuth
    ldap_authenticator1 = LDAPAuth(
        server_uri='ldap://ldap01',
        bind_dn='',
        bind_pw='',
        base_dn='ou=wiki,c=it', # base DN we use for searching
        scope=2, # scope of the search we do (2 == ldap.SCOPE_SUBTREE)
        referrals=0, # LDAP REFERRALS (0 needed for AD)
        search_filter='(uid=%(username)s)', # ldap filter used for searching:
        givenname_attribute='givenName',
        surname_attribute='sn',
        aliasname_attribute='displayName',
        email_attribute='mail',
        email_callback=None, # callback function called to make up email address
        coding='utf-8', # coding used for ldap queries and result values
        timeout=10, # how long we wait for the ldap server [s]
        start_tls=0, # usage of Transport Layer Security 0 = No, 1 = Try, 2 = Required
        tls_cacertdir=None,
        tls_cacertfile=None,
        tls_certfile=None,
        tls_keyfile=None,
        tls_require_cert=0, # 0 == ldap.OPT_X_TLS_NEVER (needed for self-signed certs)
        bind_once=False, # set to True to only do one bind - useful if configured to bind as the user on the first attempt
        autocreate=False, # set to True to automatically create/update user profiles
        name='ldap', # use e.g. 'ldap_pdc' and 'ldap_bdc' (or 'ldap1' and 'ldap2') if you auth against 2 ldap servers
        report_invalid_credentials=False, # whether to emit "invalid username or password" msg at login time or not
    )
    auth = [ldap_authenticator1, ] # this is a list, you may have multiple ldap authenticators
    cookie_lifetime = (0,1) # no anon user sessions, 1h session lifetime for logged-in users

    class SecurityPolicy(Permissions):
        def save(self, editor, newtext, rev, **kw):
            # only known users are allowed to edit
            return self.request.user.valid

    acl_enabled = 1
    acl_rights_default = 'Known:read,write,delete,revert All:read'

what I get is that I'm authenticated from the ldap but I'm not
authorized. What should I check?
-is there a list of special pages as in mediawiki?
Thanks!
--
Marco