I am developing an inventory management system. I am using AppWithinMinutes (AWM). Only the administrator can add, edit and delete. In this system, the user name is entered in the user field. Other fields hold other information. How can users see only their own children when they log in to XWiki with their own name? And how can they not see the other kids?
You could implement an EventListener in your application so that, whenever an entry in your application is created, an XWikiRights object is added to the page to allow view access only to the user that created it and some admin group (that is allowed to see all the entries of all the users).
Note that it would be recommended to implement your EventListener as a WikiComponent so that it is automatically registered when your XWiki instance is restarted.
For test purposes I added a read-only LDAP look-up via the User Store Management menu at admin, selecting the option:
org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
After testing, I'm not able to remove this store entry at the Web console doing a "Select All" and selecting the "Delete" icon. The command confirms deletion of the store, but after a new lookup the entry is still present. It is currently set in a disabled state, as some details are yet missing in the LDAP setup.
It displays a pop-up message like this:
Do you want to delete the selected user stores? Yes
Selected user stores are being deleted. Refresh the page after few seconds to check the new status. OK
After this issue, the dashboard login function stopped working, not accepting local LDAP store registered users. Under admin console access, the local users are still visible.
Please advise how to correct this issue.
A "kill -9 process number" solved the problem reported above and new start of the Identity server removed the web cache error. Yes, it did remove all the persistent entries.
I would like to request advice about the configuration options in the WSO2 Identity Server to adjust the layout of a corporate LDAP directory and reuse it as a Secondary Read Only User store in the IdP. Is there a mapping function available that correlates the WSO2 field terminology to the context of the corporate directory, mapping the mandatory WSO2 identity fields like [First Name, Last Name, Address, Phone Number and others]?
This question is complementary to my previous question about the access locking.
WSO2 Admin Secondary User Store - Delete Icon is not Working
Thanks in advance for your advice on how to integrate an external LDAP repository.
You can use claim management in WSO2 identity server. In the Identity Server, each user store attribute can be mapped as a claim. Therefore, you can use the claim management functionality available in the Identity Server and properly map your LDAP/AD/JDBC user store attributes with the claim URIs defined by the Identity Server. You can also add different claim URIs and manage them using claim management.
Please refer to the links below to find out how to do user attribute mapping.
https://docs.wso2.com/display/IS500/Managing+User+Attributes
https://docs.wso2.com/display/IS500/Adding+New+Claim+mapping
You can add your corporate LDAP directory as secondary user store.
You can follow the below steps to configure secondary user stores manually or using the management console:
configure the [IS_HOME]\repository\conf\user-mgt.xml file as given below.
Using management console:
Log in to the management console and click User Store Management sub menu under Configure menu.
The User Store Management page opens
Click Add Secondary User Store.
In the User Store Manager Class list, select the type of user store you are creating (here you can populate this drop-down list with custom user store manager implementations by adding them to the server).
Enter a unique domain name with no underscore (_) characters, and optionally enter a description for this user store.
Enter values for the properties, using the descriptions in the Descriptions column for guidance. The properties that appear vary based on the user store manager class you selected, and there may be additional properties in an Optional or Advanced section at the bottom of the screen.
Ensure that all the mandatory fields are filled and a valid domain name is given and click Add.
A message appears saying that the user stores are being added. (The message does not imply that the user store is added successfully. It simply means that the server is attempting to add the new user store to the end of the available chain of stores.)
Refresh the page after a few seconds to check the status.
If the new user store is successfully added, it will appear in the User Store Management page.
After adding to the server, you can edit the properties of the new secondary user store and enable/disable it in a dynamic manner.
Using manually:
You can find the primary user store configuration in the [IS_HOME]\repository\conf\user-mgt.xml file. When you create a secondary user store using the management console, its configuration is saved to an XML file with the same name as the domain name you specify. Alternatively, you can create this XML file manually and save it as follows:
When you configure multiple user stores, you must give a unique domain name to each user store in the <domainname> element. If you configure a user store without specifying a domain name, the server throws an exception at start up.
If it is the configuration of a super tenant, save the secondary user store definitions in <product_home>/repository/deployment/server/userstores directory.
If it is a general tenant, save the configuration in <product_home>/repository/tenants/<tenantid>/userstores directory.
The secondary user store configuration file must have the same name as the domain with an underscore (_) in place of the period. For example, if the domain is wso2.com, name the file as wso2_com.xml.
One file only contains the definition for one user store domain.
You can follow the below steps:
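The domain and file-naming rules from the answer above, turned into a check over a `userstores` directory. This is an added example, not part of the original answer or WSO2's own tooling; the `DomainName` property layout, the function names and the sample files are assumptions constructed for illustration.

```python
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

def expected_filename(domain):
    """Naming rule from the answer: periods become underscores, plus .xml."""
    return domain.replace(".", "_") + ".xml"

def audit_userstores(directory):
    """Return (file name, problem) pairs for every rule a definition breaks."""
    problems, seen = [], {}
    for path in sorted(Path(directory).glob("*.xml")):
        try:
            root = ET.parse(path).getroot()
        except ET.ParseError:
            problems.append((path.name, "not well-formed XML"))
            continue
        # Assumed layout: <UserStoreManager> holding <Property name="DomainName">.
        stores = [root] if root.tag == "UserStoreManager" else root.findall(".//UserStoreManager")
        if len(stores) != 1:
            problems.append((path.name, f"{len(stores)} user store definitions, expected 1"))
            continue
        domain = (stores[0].findtext("Property[@name='DomainName']") or "").strip()
        if not domain:
            problems.append((path.name, "no domain name specified"))
            continue
        if "_" in domain:
            problems.append((path.name, f"domain {domain!r} contains an underscore"))
        if path.name != expected_filename(domain):
            problems.append((path.name, f"should be named {expected_filename(domain)}"))
        key = domain.upper()  # assumption: domains are compared case-insensitively
        if key in seen:
            problems.append((path.name, f"domain {domain!r} already defined in {seen[key]}"))
        seen.setdefault(key, path.name)
    return problems

def build_sample(directory):
    """Write constructed sample definitions (not from a real deployment)."""
    store = ('<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">'
             '<Property name="DomainName">{}</Property></UserStoreManager>')
    samples = {"wso2_com.xml": "wso2.com", "corp.xml": "corp.example.com",
               "hr_ldap.xml": "hr_ldap", "copy.xml": "wso2.com"}
    for name, domain in samples.items():
        Path(directory, name).write_text(store.format(domain), encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for name, problem in audit_userstores(tmp):
            print(f"{name}: {problem}")
```
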
I have OIM and ODSEE installed and LDAP Sync is enabled. In ODSEE, we have created a custom object class and custom attributes. When a user is created in OIM, LDAP Sync creates users in ODSEE with all attributes populated automatically. We have 2 custom attributes (Date attributes) specific to ODSEE, ghWhenCreated and ghWhenChanged, which store date values when a user is created or modified in OIM. Currently we are populating these 2 attributes through event handlers in OIM. But we need these attributes to be populated automatically in ODSEE if there are add or modify requests in ODSEE, since we are seeing issues when a create/modification request happens in OIM. Does anyone know how to update the current date on custom attributes when some entry is created or modified in ODSEE directly?
Let me know if you need further details.
I've created a custom authentication plugin, which allows me to log in to Joomla with my own user table. So at this point, the authentication to the system is working and a user object will be created. All information until logout can be seen with $user = JFactory::getUser();.
My problem is that after login, my menu won't be shown. It seems that my template is not loaded. If I manually change the userid to one of the registered users in Joomla (only the id will be changed, no other values of the user object), the template will be loaded and the menu will be shown.
What do I have to do to get this to work? What is missing, or what am I doing wrong?
Because of the Joomla rights system, Joomla calls getAuthorisedViewLevels() and getGroupsByUser() in libraries/joomla/access/access.php and looks up the groups from user_usergroup_map.
Because it is an external user authentication, there is no user_usergroup mapping.
Therefore I built a workaround. During the login procedure I added a function to my plugin which sets the user_id in the user_usergroup_map table for temporary use.
In case of logging out, the entry in the user_usergroup_map table will be removed.
I am working on a Titanium Alloy project wherein I am creating custom objects using ACS. I also have different users in the Users ACS. I wish to associate a particular custom object to a particular logged in user.
For example, if user A is logged in, the custom object created by that user should be associated to user A. Same for user B and so on. How do I create this association? Currently my custom objects get created but they are not associated to the logged in user.
After a little discussion, I realised I should add my scenario too.
My scenario is, a user changes a few settings using the toggle switch. This information should be stored for a user and later on push notification for selected settings should be sent to the user.
Any help in this regard is greatly appreciated.
Regards,
Shreerang
So I think you should store the custom object in the database with its user name, so whenever you want you can get it back with the user's name.