XWiki – User Authentication with Oracle SSO

XWiki is a popular Java-based wiki software offering a good variety of features and plugins. It is pretty advanced, therefore ideal for any enterprise requiring a content management tool which is flexible, professional and free 🙂

Installation and configuration come in different flavors, starting with the standalone distribution (Jetty container on HSQLDB db), by far the easiest option. Alternatively the XWiki WAR file can be deployed on any servlet container and any database of your choice (Oracle 10.1.2 RDBMS and OC4J 10.1.3 in my case).

Installation on Oracle infrastructure

Create a new XWIKI database schema with all privileges.

Edit the XWiki WAR file (hibernate.cfg.xml) to point the datasource to the newly created schema. Deploy the WAR file itself (or package the WAR in an EAR file).

Restart the OC4J (the database objects will be created/populated when xwiki is first invoked).

Optional: import the default XWiki XAR file to populate the wiki with an initial set of pages

User Authentication

XWiki has its default built-in authentication module, or it can be configured to use an LDAP server.

However if you need to use an existing authentication mechanism (Oracle SSO or any other) you will have to plugin a Custom Authentication handler.

Implement the handler

First of all you need to implement the com.xpn.xwikiuser.api.XWikiAuthService interface. One easy way to accomplish that is to extend the existing XWiki implementation (com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl) as shown below:

   public class SSOAuthServiceImpl extends XWikiAuthServiceImpl {
    ....

Next step is to override the method which performs the authentication:

    @Override
    public XWikiUser checkAuth(XWikiContext context) throws XWikiException {
    ....

Your implementation of the checkAuth() method must contain the authentication logic and return an instance of the XWikiUser class:

        String user = context.getRequest().getRemoteUser();
        if(user == null) {
           log.error("User cannot be authenticated");
           return super.checkAuth(context);
        } else {
           return new XWikiUser("XWiki." + user);
        }

Create the users

Oracle SSO relies on Oracle Internet Directory (LDAP) to store the user information, however XWiki has its own repository. If you don’t want to register manually each user into XWiki then you can create those programatically (maybe during logon):

    context.getWiki().createEmptyUser("beppe", "edit", context);

Source

See my implementation (ssoauthserviceimpl.java) as an example, hope it helps.

Advertisements

15 Responses to XWiki – User Authentication with Oracle SSO

  1. Vincent says:

    What I miss is a quick howto on how to implement this in the Xwiki.

    • You mean something like:
      – create custom authentication handler class
      – package it as jar file and drop it in the XWiki WEB-INF/lib
      – set xwiki.authentication.authclass property in WEB-INF/xwiki.cfg
      – deploy XWiki war file

      Hope it helps.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: