XWiki – User Authentication with Oracle SSO

XWiki is a popular Java-based wiki software offering a good variety of features and plugins. It is pretty advanced, therefore ideal for any enterprise requiring a content management tool which is flexible, professional and free 🙂

Installation and configuration come in different flavors, starting with the standalone distribution (Jetty container on HSQLDB db), by far the easiest option. Alternatively the XWiki WAR file can be deployed on any servlet container and any database of your choice (Oracle 10.1.2 RDBMS and OC4J 10.1.3 in my case).

Installation on Oracle infrastructure

Create a new XWIKI database schema with all privileges.

Edit the XWiki WAR file (hibernate.cfg.xml) to point the datasource to the newly created schema. Deploy the WAR file itself (or package the WAR in an EAR file).

Restart the OC4J (the database objects will be created/populated when xwiki is first invoked).

Optional: import the default XWiki XAR file to populate the wiki with an initial set of pages

User Authentication

XWiki has its default built-in authentication module, or it can be configured to use an LDAP server.

However if you need to use an existing authentication mechanism (Oracle SSO or any other) you will have to plugin a Custom Authentication handler.

Implement the handler

First of all you need to implement the com.xpn.xwikiuser.api.XWikiAuthService interface. One easy way to accomplish that is to extend the existing XWiki implementation (com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl) as shown below:

   public class SSOAuthServiceImpl extends XWikiAuthServiceImpl {
    ....

Next step is to override the method which performs the authentication:

    @Override
    public XWikiUser checkAuth(XWikiContext context) throws XWikiException {
    ....

Your implementation of the checkAuth() method must contain the authentication logic and return an instance of the XWikiUser class:

        String user = context.getRequest().getRemoteUser();
        if(user == null) {
           log.error("User cannot be authenticated");
           return super.checkAuth(context);
        } else {
           return new XWikiUser("XWiki." + user);
        }

Create the users

Oracle SSO relies on Oracle Internet Directory (LDAP) to store the user information, however XWiki has its own repository. If you don’t want to register manually each user into XWiki then you can create those programatically (maybe during logon):

    context.getWiki().createEmptyUser("beppe", "edit", context);

Source

See my implementation (ssoauthserviceimpl.java) as an example, hope it helps.

This entry was posted on Wednesday, October 15th, 2008 at 10:56 pm and is filed under Java, Open Source, SSO. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

15 Responses to XWiki – User Authentication with Oracle SSO

Older Comments
  1. christian marriage counselling's avatar christian marriage counselling says:
    June 14, 2011 at 10:57 pm

    Superb article!!!

    Reply
  2. Vincent's avatar Vincent says:
    March 21, 2011 at 3:19 pm

    What I miss is a quick howto on how to implement this in the Xwiki.

    Reply
    • Beppe Catanese's avatar Beppe Catanese says:
      March 27, 2011 at 1:57 pm

      You mean something like:
      – create custom authentication handler class
      – package it as jar file and drop it in the XWiki WEB-INF/lib
      – set xwiki.authentication.authclass property in WEB-INF/xwiki.cfg
      – deploy XWiki war file

      Hope it helps.

      Reply
Older Comments

Leave a comment

Design a site like this with WordPress.com
Get started