Item10404: Tweaks for x509userplugin that make it work!
Priority: Normal
Current State: New
Released In: n/a
Target Release: n/a
Applies To: Extension
Component: x509userplugin
Branches:
To make this plugin work on my (ubuntu 10.10) system, I had to apply the following patch (inlined because it's so short!). The first change just qualifies a config call, the second comments out a warning that was failing, and causing it to stop (I'm sure there's a way to make that warning work if deemed appropriate!)
In addition, I altered the filter to allow the CN to be used as the
LoginName:
$Foswiki::cfg{LoginNameFilterIn} = '^[^\\*?~^\\$%`"\'&;|<>\\x00-\\x1f]+$';
My
NameFilter is (this may be unchanged from standard, can't remember):
$Foswiki::cfg{NameFilter} = '[\\s\\*?~^\\$@%`"\'&;|<>\\[\\]\\x00-\\x1f]';
Other config options are set as follows:
$Foswiki::cfg{Plugins}{X509UserPlugin}{System} = '';
$Foswiki::cfg{Plugins}{X509UserPlugin}{Debug} = 0;
$Foswiki::cfg{Plugins}{X509UserPlugin}{ForceAuthentication} = 0;
$Foswiki::cfg{Plugins}{X509UserPlugin}{RegisterUsersWithLoginName} = 0;
$Foswiki::cfg{Plugins}{X509UserPlugin}{RequireWikinameFromCertificate} = 0;
$Foswiki::cfg{Plugins}{X509UserPlugin}{RegisterInUsersTopic} = 1;
$Foswiki::cfg{Plugins}{X509UserPlugin}{Cert2Wiki} = '';
I hope this can be rolled back in to mainline so I don't have to patch each time there's an update to get it to work! I wonder how many others are using x509userplugin … not many I fear!
Let me know if any other information is needed, patch follows:
diff -wbBuir /var/lib/foswiki/lib/Foswiki/Plugins/X509UserPlugin.pm foswiki/lib/Foswiki/Plugins/X509UserPlugin.pm
--- /var/lib/foswiki/lib/Foswiki/Plugins/X509UserPlugin.pm 2010-12-26 14:28:56.000000000 +0000
+++ foswiki/lib/Foswiki/Plugins/X509UserPlugin.pm 2010-09-20 19:05:49.000000000 +0000
@@ -214,7 +214,7 @@
my $regtopic = $Foswiki::cfg{Plugins}{X509UserPlugin}{RegistrationTopic} || 'UserRegistration';
my $regweb = $Foswiki::cfg{UsersWebName};
unless( Foswiki::Func::topicExists($regweb, $regtopic ) ){
- $regweb = ::cfg{SystemWebName};
+ $regweb = $Foswiki::cfg{SystemWebName};
}
unless( $debug || ( $theTopic eq $regtopic && $theWeb eq $regweb )
diff -wbBuir /var/lib/foswiki/lib/Foswiki/Users/X509UserMapping.pm foswiki/lib/Foswiki/Users/X509UserMapping.pm
--- /var/lib/foswiki/lib/Foswiki/Users/X509UserMapping.pm 2010-12-26 14:28:56.000000000 +0000
+++ foswiki/lib/Foswiki/Users/X509UserMapping.pm 2010-09-20 19:05:49.000000000 +0000
@@ -86,7 +86,7 @@
# But some of the Foswiki infrastructure checks for this before calling us.
if (!$Foswiki::cfg{Register}{AllowLoginName}) {
- $session->writeWarning( 'X509UserMapping has TURNED ON AllowLoginName, because it seems to be required for certificates.' );
+# $session->writeWarning( 'X509UserMapping has TURNED ON AllowLoginName, because it seems to be required for certificates.' );
$Foswiki::cfg{Register}{AllowLoginName} = 1;
}
--
WilliamGallafent - 24 Feb 2011
(I haven't included my changes to data/System/UserRegistration.txt yet, since I haven't tested them. Essentially the only change is to pre-fill several of the fields with data extracted from the certificate by x509userplugin). I'll add that page here once I've tested it.
--
WilliamGallafent - 24 Feb 2011