Last modified by Ludovic Dubost on 2020/10/01 11:16

<
From version < 9.1 >
edited by Ludovic Dubost
on 2019/04/09 15:13
To version < 10.1 >
edited by Ludovic Dubost
on 2019/12/02 16:02
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -37,34 +37,34 @@
37 37  
38 38  The OpenIDC module must be activated in the section General Settings / Supplier Modules / OpenID Connect
39 39  
40 -Image: lemonldap-activationopenidc.png
40 +image:lemonldap-activationopenidc.png
41 41  
42 42  An XWiki application must be added in the General Settings / Portal / Menu / Categories and Application section.
43 43  The XWiki URL must be specified.
44 44  
45 -Image: lemonldap-ajouterapp.png
45 +image:lemonldap-ajouterapp.png
46 46  
47 47  A client configuration must be added in "OpenID Connect Clients". The name can be anything.
48 48  
49 -Image: lemonldap-ajouterclientopenidc.png
49 +image:lemonldap-ajouterclientopenidc.png
50 50  
51 51  The clientid and secret parameters must be added in the Options / Authentication section. These must be the same as in the xwiki.properties configuration
52 52  
53 -Image: lemonldap-authentification.png
53 +image:lemonldap-authentification.png
54 54  
55 55  An authorized redirection address must be specified in the Options / Redirection Addresses Allowed for Connection and Options / Redirected Adresses for Disconnection options. This must match the URL of the XWiki and the URI part must be / xwiki / oidc / authenticator / callback.
56 56  
57 -Image: lemonldap-redirectionauthorisee.png
57 +image:lemonldap-redirectionauthorisee.png
58 58  
59 59  In order to allow the synchronization of fields from LemonLDAP into the XWiki profile, new attributes starting with xwiki_user_ followed by the name of the XWiki field (first_name, last_name, company, address) must be added in the Export Attributes section. They must point to LemonLDAP field names themselves synchronized to the authentication source (often OpenLDAP). In demo mode, lemonLDAP does not have many available fields, so we synchronized the "cn".
60 60  
61 -Image: lemonldap-attributes.png
61 +image:lemonldap-attributes.png
62 62  
63 63  Once the fields have been created, the "profile" value must be modified in the Options / Declarations section. It should contain the list of classic fields plus the new XWiki fields. For example:
64 64  
65 65  name given_name country first_name last_name email mail xwiki_user_first_name xwiki_user_last_name xwiki_user_company
66 66  
67 -Image: lemonldap-scopeclaims.png
67 +image:lemonldap-scopeclaims.png
68 68  
69 69  == Troubleshooting ==
70 70  

Get Connected