SID-01583: User mapping issue when converting from LDAP to smartcard

Status:	Answered	TWiki version:	4.1.2	Perl version:	perl v5.10.1
Category:	CategoryAccessControl	Server OS:	Redhat Linux 6.3 kernel 2.6.32-279.11.1.el6.x86_64	Last update:	13 years ago

Recently I was converting a wiki to use smart card from our ldap configuration. The X509 plug in is not working for me (version issue), so I realized through searching that twiki will use REMOTE_USER if apache auth is enabled. Since I am using SSL verify, the authentication happens with the username stored on the card. I'm currently using an apache mod_rewrite map to take the username FULLNAME.LASTNAME.INITIAL.NUMBER to old ldap username.

So I see REMOTE_USER is the right username, but it's not showing up as a wikiword. Always lowercase which doesn't seem to register.

I've tried mapping the user to the TomRhodes name, used the internal map feature to take the original ldap username of tom.rhodes to TomRhodes, and still the problem persists.

I have read the twiki authentication document. I have tried some perl regex to set the name up as a wiki word. I have even attempted to map ldapname->wikiword using the TWikiUsers as suggested in another question. Nothing picks up. I have been able to see that tomrhodes maps to Main.tomrhodes but that isn't helping either.

I set {Register}{AllowLoginName} and {MapUserToWikiName} with exactly the same results. I even tried the LoginNameAliasesPlugin with no positive results.

So now I'm asking for support. Any ideas? Am I right that it's the lower case wikiword issue preventing the rendering? If so, is there a way to fix that? Any help will really be appreciated, thanks!!

-- TomRhodes - 2012-11-11

Discussion and Answer

I'm updating this as answered. It turns out my mapping in the TWikiUsers.txt file was incorrect, I was using:

$REMOTE_USER - WikiUser - date

The solution was to swap those and use TwikUser - $REMOTE_USER - date

Perhaps I just read too fast OR the documentation needs updated to point that out in the case of using the MapUserToWikiName, you need to have the WikiName first. Cheers,

-- TomRhodes - 2012-11-12

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.