It would be nice if there was this option to not have to recreate all
the users in etherpad.
My patch as it stands is located at
https://gist.github.com/10061b4b213619816db5 -- feel free to try it
out, though it likely has some silly mistakes from merging right now.
I'll likely have time to test it out myself in the next week or so.
--
Elliot
--
Elliot
2009/12/28 Elliot Kroo <ellio...@gmail.com>:
--
Elliot
--
Elliot
--
Elliot
I applied it and was fine. I noticed an error in the first User login,
this error does not appear later. I reviewed the log and saw that the
error is in the file src/etherpad/pro/pro_accounts.js line 375.
Apparently there is no function getUserByEmail.
"net.appjet.bodylock.JSRuntimeException: Error while executing:
ReferenceError:" getUserByEmail "is not defined. (module etherpad/pro/
pro_accounts.js # 375)"
I changed this function to getAccountByEmail and the error
disappeared. Is that correct?
On Dec 29 2009, 4:56 am, Elliot Kroo <elliot.k...@gmail.com> wrote:
> I should mention that there is actually a fair bit of documentation
> that was put together for the features enabled by this patch.
> Attached is a draft of that documentation.
>
> 2009/12/28 Elliot Kroo <elliot.k...@gmail.com>:
>
>
>
> > I haven't quite gotten a chance to set the open-source version of etherpad up on my box completely, but I've thrown together the changes from the ldap branch as apply to the open-source version...
>
> > My patch as it stands is located athttps://gist.github.com/10061b4b213619816db5-- feel free to try it out, though it likely has some silly mistakes from merging right now. I'll likely have time to test it out myself in the next week or so.
>
> > --
> > Elliot
>
> > On Thu, Dec 24, 2009 at 11:32 AM, Elliot Kroo <elliot.k...@gmail.com> wrote:
> >> At etherpad we had support for LDAP and SSO in a branch of the code that
> >> never quite got merged into the open-sourced branch... I'll look into
> >> submitting a patch in the next few days.
> >> --
> >> Elliot
> >> On Dec 23, 2009, at 6:11 AM, John McLear <johnym...@gmail.com> wrote:
>
> >> I am not familiar with a way to support this however there are java
> >> libraries available for ldap auth..
> >> I imagine you won't be the first. I want to bring shibboleth authentication
> >> into the mix too and I'm familiar with doing this on IIS/apache but not
> >> directly in java.
> >> If someone can document an ldap configuration then that would be extremely
> >> useful for me and I would be great full.
>
> >> On Wed, Dec 23, 2009 at 11:50 AM, mrstarke <mrsta...@gmail.com> wrote:
>
> >>> does anyone know if the etherpad supports authentication via LDAP, AD,
> >>> domains, or some other authentication method other than the users
> >>> table in MySQL
>
> >>> It would be nice if there was this option to not have to recreate all
> >>> the users in etherpad.
>
> > --
> > Elliot
>
> --
> Elliot
>
> users-guide.mdown
> 27KViewDownload
--
Elliot
Attached is the diff between these two revisions of the patch (a
meta-patch, so to speak :) ), just to be completely clear how I
changed this.
--
Elliot
>>>> athttps://gist.github.com/10061b4b213619816db5-- feel free to try it out,
--
Elliot
On Jan 4, 1:44 pm, Elliot Kroo <elliot.k...@gmail.com> wrote:
> I updatedhttps://gist.github.com/10061b4b213619816db5to reflect this
> change, as well as the inadvertent renaming of createNewAccount to
> createNewUser -- this will have broken various portions of the code
> elsewhere.
>
> Attached is the diff between these two revisions of the patch (a
> meta-patch, so to speak :) ), just to be completely clear how I
> changed this.
>
> --
> Elliot
>
>
>
> On Mon, Jan 4, 2010 at 7:10 AM, Elliot Kroo <elliot.k...@gmail.com> wrote:
> > Ahah! Good catch, I missed that. I'll update the patch to reflect this
> > change.
>
> > --
> > Elliot
>
> > On Jan 4, 2010, at 6:10 AM, mrstarke <mrsta...@gmail.com> wrote:
>
> >> Thanks for the patch.
>
> >> I applied it and was fine. I noticed an error in the first User login,
> >> this error does not appear later. I reviewed the log and saw that the
> >> error is in the file src/etherpad/pro/pro_accounts.js line 375.
> >> Apparently there is no function getUserByEmail.
> >> "net.appjet.bodylock.JSRuntimeException: Error while executing:
> >> ReferenceError:" getUserByEmail "is not defined. (module etherpad/pro/
> >> pro_accounts.js # 375)"
>
> >> I changed this function to getAccountByEmail and the error
> >> disappeared. Is that correct?
>
> >> On Dec 29 2009, 4:56 am, Elliot Kroo <elliot.k...@gmail.com> wrote:
>
> >>> I should mention that there is actually a fair bit of documentation
> >>> that was put together for the features enabled by this patch.
> >>> Attached is a draft of that documentation.
>
> >>> 2009/12/28 Elliot Kroo <elliot.k...@gmail.com>:
>
> >>>> I haven't quite gotten a chance to set the open-source version of
> >>>> etherpad up on my box completely, but I've thrown together the changes from
> >>>> the ldap branch as apply to the open-source version...
>
> >>>> My patch as it stands is located
> >>>> athttps://gist.github.com/10061b4b213619816db5--feel free to try it out,
> ldap_support_changes.diff
> 1KViewDownload
Could you please specify a bit more details regarding configuration
file?
I've created a new file in /home/etherpad/etherpad/trunk/etherpad/data/
ldapConfig.json
and put there the following info (my ldap data):
---------------------
{
"userClass" : "*",
"url" : "ldap://pdc.domain.xx:389",
"principal" : "CN=LDAPAuth,OU=Pseudo Accounts,OU=Managed
Objects,DC=domain,DC=xx",
"password" : "password",
"rootPath" : "DC=domain,DC=xx",
"nameAttribute": "cn",
"ldapSuffix" : "@ldap"
}
appjet.config['etherpad.useLdapConfiguration'] = "/home/etherpad/
etherpad/trunk/etherpad/data/ldapConfig.json"
---------------------
But I'm not sure that this file must contain "appjet.config..." line.
If I just uncomment this line in trunk/etherpad/src/etherpad/pro/
pro_ldap_support.js
then "appjet undefined" error is appeared.
Thanks in advance,
Alexey.
On 4 янв, 19:45, mrstarke <mrsta...@gmail.com> wrote:
> Now everything about ldap authentication is ok. Thanks.
>
> On Jan 4, 1:44 pm, Elliot Kroo <elliot.k...@gmail.com> wrote:
>
> > I updatedhttps://gist.github.com/10061b4b213619816db5toreflect this
Here is my config file:
{
"userClass" : "person",
"url" : "ldap://192.168.0.132:389",
"principal" : "ou=corp,dc=example,dc=com",
"password" : "password",
"rootPath" : "dc=example,dc=com",
"nameAttribute": "cn",
"ldapSuffix" : "@example.com"
}
In file etc/etherpad.localdev-default.properties I added the path to
my ldap configuration file (etherpad.useLdapConfiguration = /home/
02600542914/etherpad/ldap.conf)
See the user-guide.mdown sent earlier by Elliot
I can't apply the patch to the latest version of etherpad source code.
Maybe I need to download another version?
Could you please help me to resolve the issue?
============================================================
============================================================
nadmin@nimserver:/var/www/etherpad$ sudo patch < p1
can't find file to patch at input line 4
Perhaps you should have used the -p or --strip option?
The text leading up to this was:
--------------------------
|diff -r 78a2f7962089 trunk/etherpad/src/etherpad/pro/pro_accounts.js
|--- a/trunk/etherpad/src/etherpad/pro/pro_accounts.js Tue Dec 22
14:51:36 2009 -0500
|+++ b/trunk/etherpad/src/etherpad/pro/pro_accounts.js Mon Jan 04
07:34:56 2010 -0800
--------------------------
File to patch: trunk/etherpad/src/etherpad/pro/pro_accounts.js
patching file trunk/etherpad/src/etherpad/pro/pro_accounts.js
Hunk #2 FAILED at 86.
1 out of 5 hunks FAILED -- saving rejects to file trunk/etherpad/src/
etherpad/pro/pro_accounts.js.rej
nadmin@nimserver:/var/www/etherpad$ cat trunk/etherpad/src/etherpad/
pro/pro_accounts.js.rej
***************
*** 82,99 ****
}
/* if domainId is null, then use domainId of current request. */
- function createNewAccount(domainId, fullName, email, password,
isAdmin) {
if (!domainId) {
domainId = domains.getRequestDomainId();
}
email = trim(email);
isAdmin = !!isAdmin; // convert to bool
// validation
- var e;
- e = validateEmail(email); if (e) { throw Error(e); }
- e = validateFullName(fullName); if (e) { throw Error(e); }
- e = validatePassword(password); if (e) { throw Error(e); }
// xss normalization
fullName = toHTML(fullName);
--- 86,108 ----
}
/* if domainId is null, then use domainId of current request. */
+ function createNewAccount(domainId, fullName, email, password,
isAdmin, skipValidation) {
if (!domainId) {
domainId = domains.getRequestDomainId();
}
+ if (!skipValidation) {
+ skipValidation = false;
+ }
email = trim(email);
isAdmin = !!isAdmin; // convert to bool
// validation
+ if (!skipValidation) {
+ var e;
+ e = validateEmail(email); if (e) { throw Error(e); }
+ e = validateFullName(fullName); if (e) { throw Error(e); }
+ e = validatePassword(password); if (e) { throw Error(e); }
+ }
// xss normalization
fullName = toHTML(fullName);
============================================================
============================================================
Thanks in advance,
Alex.
1) Make the download of the patch from https://gist.github.com/10061b4b213619816db5
2) hg clone https://etherpad.googlecode.com/hg/ etherpad
3) cd etherpad
4) uncompact the patch ( tar -xvz --strip-components=1 -f ~/Desktop/
gist10061b4b213619816db5-
e60df95e16c09700b4cf07cd87b9732dd7b15ace.tar.gz )
5) Apply the patch ( patch -p1 < ../ldap_support.patch )
Here is working without problems.
John – g'luck :)
--
Elliot
2010/1/23 John McLear <john...@gmail.com>:
--
Elliot
My guide so far reads:
#Get the patch
lynx https://gist.github.com/10061b4b213619816db5
#Get the etherpad source (warning- may take some time- go make a cuppa
tea)
hg clone https://etherpad.googlecode.com/hg/ etherpad
#Go to the etherpad folder
cd etherpad
#Extract the patch
tar -xvz --strip-components=1 -f ../gist10061b4b213619816db5-
e60df95e16c09700b4cf07cd87b9732dd7b15ace.tar.gz
#Apply the patch
patch -p1 < ldap_support.patch
#Set your superdomain
nano trunk/etherpad/src/etherpad/globals.js
add yourdomain.whatever to the SUPERDOMAINS
#Edit pro_accounts.js (yes I use nano cause I'm ghetto like that)
nano trunk/etherpad/src/etherpad/pro/pro_accounts.js
#Change directory
cd trunk/etherpad
#Add the useLdapconf to the config
echo "etherpad.useLdapConfiguration = ./etc/json.config" >> etc/
etherpad.localdev-default.properties
#Edit json.config
nano etc/json.config
#Paste in:
{
"url" : "ldap://localhost:10389",
"principal" : "uid=admin,ou=system",
"password" : "secret",
"rootPath" : "ou=users,ou=system",
"userClass" : "person",
"nameAttribute" : "displayname",
"ldapSuffix" : "@ldap"
}
#Replacing the above with your settings.
#Build your etherpad
bin/rebuildjar.sh
#Test your etherpad
bin/run-local.sh
#Browse to http://yourdomain.com:9000/
#Browse to http://primarypad2.com:9001/ep/pro-signup/ to sign up
On Jan 23, 6:55 pm, Elliot Kroo <elliot.k...@gmail.com> wrote:
> All –
> Feel free to pull directly from git://github.com/ether/pad.git if
> you're having trouble with that patch. On that note, thanks for that
> step-by-step guide mrstarke, I just tested it out and works great for
> me.
>
> John – g'luck :)
>
> --
> Elliot
>
> 2010/1/23 John McLear <johnym...@gmail.com>:
--
Elliot
--
Elliot
On 2 fev, 20:14, Elliot Kroo <elliot.k...@gmail.com> wrote:
> Hey John,
> Authentication happens the normal etherpad PNE route, just with
> special 'ldap' email addresses -- as controlled by the ldapSuffix
> variable in the config. Try logging in as [LDAPUsername]@ldap, and
> with your ldap password. Note that you'll not need to sign up if
> you're in the LDAP system already (and signing up will not modify the
> LDAP database right now). If you have a user in the LDAP database
> already, you should be able to sign in.
>
> --
> Elliot
>
>
>
> On Tue, Feb 2, 2010 at 10:08 AM, John McLear <johnym...@gmail.com> wrote:
> > Elliot, mrstarke im obviously missing an obvious step, at what point
> > should I be prompted for my LDAP credentials?
>
> > My guide so far reads:
>
> > #Get the patch
> > lynxhttps://gist.github.com/10061b4b213619816db5
> > #Browse tohttp://primarypad2.com:9001/ep/pro-signup/to sign up
Cheers :)
J
> > > #Browse tohttp://primarypad2.com:9001/ep/pro-signup/tosign up
On 4 fev, 12:17, John McLear <johnym...@gmail.com> wrote:
> Usually when an account is registered the user has XX.YY.ZZ where XX is the
> first part of the domain IE mysite.etherpad.com (in this case it's mysite)
>
> How is XX assigned when a user is logging in with their ldap auth? This is
> usually part of the registration process and as there is no registration, XX
> hasn't been assigned. Is it the case that under this auth model there is no
> XX ?
>
> Sorry if my initial request was a tad confusing!
>