X-Wiki¶
Presentation¶
XWiki is a free wiki software platform written in Java with a design emphasis on extensibility. XWiki is an enterprise wiki. It includes WYSIWYG editing, OpenDocument based document import/export, semantic annotations and tagging, and advanced permissions management.
Configuration¶
The integration with LL::NG is the following:
LemonLDAP::NG is configured as a reverse-proxy for xwiki
Xwiki is configured to accept HTTP Headers
Xwiki virtual host¶
Apache¶
You will configure Xwiki virtual host like other protected virtual host.
This is an example, with https and speaking to xwiki via AJP.
<VirtualHost *:80>
ServerName wiki.acme.fr
Redirect / https://wiki.acme.fr/
</VirtualHost>
<VirtualHost *:443>
ServerName wiki.acme.fr
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/wildcard.acme.fr.crt
SSLCertificateKeyFile /etc/pki/tls/certs/wildcard.acme.fr.key
SSLCertificateChainFile /etc/pki/tls/certs/CLASS_2_ACME_CA.crt
SSLOptions +StdEnvVars
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLCompression off
PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2
RewriteEngine on
RewriteRule ^/$ /xwiki/ [R]
ProxyPreserveHost On
ProxyRequests On
ProxyPass / ajp://192.168.11.130:8009/
ProxyPassReverse / ajp://192.168.11.130:8009/
ErrorLog /var/log/httpd/wiki_error.log
CustomLog /var/log/httpd/wiki_access.log combined
</VirtualHost>
Xwiki virtual host in Manager¶
Go to the Manager and create a new virtual host for Xwiki.
Configure the access rules.
Configure the headers:
remote_user:
$uid
remote_groups:
join('|', keys(%{$hGroups}))
secret:
choose_a_secret_key
Xwiki Configuration¶
First, you need to install the Headers Trusted Authentication Adapter
Then, configure in xwiki.cfg
xwiki.authentication.authclass=org.xwiki.contrib.authentication.XWikiTrustedAuthenticator
xwiki.authentication.trusted.adapterHint=headers
xwiki.authentication.trusted.auth_field=remote_user
xwiki.authentication.trusted.group_field=remote_groups
xwiki.authentication.trusted.logout_url=https://auth.example.com/?logout=1
xwiki.authentication.trusted.secret_field=secret
xwiki.authentication.trusted.secret_value=choose_a_secret_key
# Adjust the XWiki=>LemonLDAP group map to your liking
xwiki.authentication.trusted.groupsMapping=XWiki.XWikiAdminGroup=xwiki-admins|XWiki.XWikiAdminGroup=timelords