Flux CMS Confluence Auth Module

[ ] by Christian Stocker @ 02.05.2007 11:59 CEST

I just committed an authentication module, which authenticates against a Confluence server via the SOAP interface instead of just the internal database. This allows us to enable access to a Flux CMS installation for everyone at Liip without having to actually create all those 20+ accounts (and everyone can use the same password on Jira, Confluence and those CMS installations)

The module still uses the internal database, if the authentication via Confluence fails. Therefore you can have additional users in the local database, which do not have a confluence account. Additionally, the module creates a local CMS user account, if someone with a Confluence account first logs in and saves all the needed CMS information there, so that Confluence is really only used for authentication, later needed additional CMS information is still maintained and saved locally.

To use this module, just check out the latest 1.5-dev or HEAD version of the CMS and change/add the following to your config.xml

<permm type="permm">
  <authModule>
    <type>confluence</type>
      <wsdlurl>http://your.wiki.com/rpc/soap-axis/confluenceservice-v1?wsdl</wsdlurl>
      <allowedGroup>internal-developers</allowedGroup>
      <!-- all the other options from the standard authModule -->

The allowedGroup option tells the plugin in which group a Confluence account has to be for getting access to the CMS

This plugin can also serve as a template, if you want to authenticate against a similar service but still use the default one as a fallback

Addition: The SOAP extension has to be enabled for this to work.

Update: In at least Confluence 2.4, the allowedGroup check does not work for non-admin confluence users, therefore I added a new option to config.xml

<allowedSpace>INTERN</allowedSpace>

This option checks, if the current user can see that particular space. As you can give rights on a per space base, this is basically the same as the allowedGroup option, just configured differently on the confluence side.

Tags:
Comments (4)  Permalink

Comments

Michael Weibel @ 31.07.2007 09:00 CEST
OT: Yesterday, I subscribed for both mailinglists (german and english) of the flux-cms.. But I didn't receive any confirmation-email (looked also in the logs).
Did something went wrong or something like that?
chregu @ 31.07.2007 09:05 CEST
your mailserver doesn't have an MX record...

Jul 31 08:29:26 devel postfix/smtp[6472]: 5A470E76C9: to=&lt;removed..@wamboo.ch>, relay=none, delay=478, delays=478/0/0.06/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=wamboo.ch type=MX: Host not found, try again)

That may be the problem
Michael Weibel @ 31.07.2007 10:31 CEST
hm. But dnsstuff.com says to me that wamboo.ch has a MX record..
Michael Weibel @ 31.07.2007 13:53 CEST
now it works ;)

add a comment

This blog is gravatar enabled.
Your email adress will never be published.
Comment spam will be deleted!

Name*
E-Mail
For Spammers Only
URL
Comment*
Notify me via E-Mail when new comments are made to this entry
Remember me (needs cookies)