Details
-
Improvement
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
Description
Xwiki does not allow some characters, such as periods, in user IDs. For authentication directly against an external LDAP system, xwiki provides LDAPProfileClass which supports a mapping between the xwiki ID and the external ID.
The CAS authenticator currently does not support such a mapping. Instead, it strips out any invalid characters in the external ID and then searches for a corresponding xwiki user. Because of this, it is not currently possible to convert an existing xwiki system to use CAS authentication if the users already exist in both xwiki and the external authentication system.
Enhancing the CAS authenticator to include something similar to LDAPProfileClass would allow such a conversion to be performed.
See http://xwiki.475771.n2.nabble.com/Jasig-CAS-authentication-and-users-with-periods-in-the-id-td7598674.html for further details.