站長留言

  • ✅ 本站維護及更新歷史紀錄,詳情請參考公告
  • ✅ 有任何意見、想法,歡迎留言給Spicy知道喔
  • ✅ 固定於每周一至周五更新Blogger文章,周末不定期
LDAPLinuxUbuntuxwiki

【Linux】架設 xwiki,並使用 LDAP (新增手動安裝)

tags: OlitGlobal Linux

Common 目標

  • 建立可以搭配 LDAP 的 wiki
    • LDAP:Lightweight Directory Access Protocol 輕型目錄存取協定
  • 官網:xwiki
  • 中文官網:xwiki中文网


Tutorial 教學1:預設資料庫 HSQLDB

步驟1:安裝套件

  • apt-get update && apt-get upgrade
  • 安裝 Java
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer

java -version

步驟2:下載並安裝 xwiki

  • 下載連結:http://download.forge.ow2.org/xwiki/
    • 可以自行找到最新版本下載
    • wget http://download.forge.ow2.org/xwiki/xwiki-enterprise-installer-generic-9.4-standard.jar
  • 安裝:sudo java -jar xwiki-enterprise-installer-generic-9.4-standard.jar

步驟3:啟動 xwiki

  • 安裝完成後
  • 啟動 xwiki
    cd /usr/local/XWiki Enterprise 9.4
    sudo bash start_xwiki.sh
    
  • 開啟瀏覽器:localhost:8080

步驟4:設定防火牆 ufw

  • 若開啟8080不會自動導向xwiki,請調整ufw設定
sudo ufw enable
sudo ufw allow 8080/tcp
sudo ufw reload
sudo ufw status
  • 開啟瀏覽器:localhost:8080

Tutorial 教學2:其他資料庫

步驟1:安裝套件

  • apt-get update && apt-get upgrade
  • apt-get install tomcat8
  • xwiki
wget -q "http://maven.xwiki.org/public.gpg" -O- | sudo apt-key add -
wget "http://maven.xwiki.org/stable/xwiki-stable.list" -P /etc/apt/sources.list.d/

apt-get update

步驟2:安裝 XWiki Enterprise

  • apt-cache search xwiki
  • 依照需求下載
    • MySQL:apt-get install xwiki-enterprise-tomcat8-mysql
    • PostgreSQL:apt-get install xwiki-enterprise-tomcat8-pgsql

步驟3:設定 tomcat

  • 新增資料夾:mkdir /var/lib/tomcat8/bin

  • 新增設定檔:vim /var/lib/tomcat8/bin/setenv.sh

    • 注意:Xms, Xmx 不要大於或等於記憶體大小,可能會導致tomcat無法start或restart
    • 注意:要設置JAVA_HOME,避免使用Java 9以上的版本,可能出錯
#!/bin/sh
export JAVA_HOME="/usr/local/java/jdk1.8.0"
export JAVA_OPTS="${JAVA_OPTS} -Djava.awt.headless=true"
CATALINA_OPTS="-Xms4096M -Xmx4096M -XX:PermSize=512M -XX:MaxPermSize=512M"

步驟4:初始化 xwiki

  • Step 2 - User Interface
    • 一定要下載升級插件,install

Tutorial 教學3:手動安裝

步驟1:下載套件

  • tomcat:各版本下載連結
    • sudo wget http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v8.5.38/bin/apache-tomcat-8.5.38.tar.gz
  • xwiki:各版本下載連結
    • sudo wget http://nexus.xwiki.org/nexus/content/groups/public/org/xwiki/platform/xwiki-platform-distribution-war/11.1/xwiki-platform-distribution-war-11.1.war

步驟2:解壓縮

  • 選擇適當的位置,放tomcat、xwiki檔案
  • tomcat:tar zxvf FileName.tar.gz
  • 將xwiki的war檔,放置於 tomcat/webapps
  • 啟動tomcat:bin/startup.sh
    • 若有port的問題,可以再啟動前先修改設定檔
    • 設定檔:conf/server.xml
  • xwiki自動解壓縮

步驟3:PostgreSQL JDBC Driver

  • 放置於 tomcat/lib
  • sudo wget https://jdbc.postgresql.org/download/postgresql-42.2.5.jar

步驟4:修改設定檔

  • conf/server.xml
    • 添加:URIEncoding="UTF-8"
<Connector port="9080" protocol="HTTP/1.1"
    URIEncoding="UTF-8"
    connectionTimeout="20000"
    redirectPort="9443" />
  • webapps/xwiki/WEB-INF/hibernate.cfg.xml
    • 修改資料庫的部分,舉例:PostgreSQL
<property name="connection.url">jdbc:postgresql:xwiki</property>
<property name="connection.username">xwiki</property>
<property name="connection.password">1234</property>
<property name="connection.driver_class">org.postgresql.Driver</property>
<property name="dialect">org.hibernate.dialect.PostgreSQLDialect</property>
<property name="xwiki.virtual_mode">schema</property>
<property name="jdbc.use_streams_for_binary">false</property>

LDAP

新增 LDAP 插件

  • 使用管理員登入

  • 進入管理wiki設定頁面,並選擇 Extensions


  • 搜尋 LDAP,選擇 LDAP Authenticator 安裝


  • 設定 WEB-INF/xwiki.cfg

    • vim /usr/lib/xwiki/WEB-INF/xwiki.cfg
#-# LDAP authentication service
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl

#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap=1

#-# Enable local accounts in addition to LDAP.
#-# Without this setting you will be unable to log into XWiki with local accounts.
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap.trylocal=1
  • 設定 xwiki.cfg
    • vim /etc/xwiki/xwiki.cfg
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap=1

#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
#-# The default host is localhost
xwiki.authentication.ldap.server=localhost
#-# The default port is 389 (636 if xwiki.authentication.ldap.ssl is enabled)
xwiki.authentication.ldap.port=389

#-# LDAP credentials, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the user name, {1} with the password
xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
xwiki.authentication.ldap.bind_pass={1}

#-# The Base DN used in LDAP searches
xwiki.authentication.ldap.base_DN=

#-# LDAP query to search the user in the LDAP database (in case a static admin user is provided in
#-# xwiki.authentication.ldap.bind_DN)
#-# {0} is replaced with the user uid field name and {1} with the user name
#-# The default is ({0}={1})
# xwiki.authentication.ldap.user_search_fmt=({0}={1})

#-# Only members of the following group can authenticate.
#-# The following kind of groups are supported:
#-# * LDAP static groups (users/subgroups are listed statically in the group object)
#-# * [Since 3.3M1] LDAP organization units (users/subgroups are sub object of the provided organization unit)
#-# * [Since 3.3M1] LDAP filter (users/groups are object found in a search with the provided filter)
# xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US

#-# [Since 1.5RC1]
#-# Only users not member of the following group can authenticate.
#-# The following kind of groups are supported:
#-# * LDAP static groups (users/subgroups are listed statically in the group object)
#-# * [Since 3.3M1] LDAP organization units (users/subgroups are sub object of the provided organization unit)
#-# * [Since 3.3M1] LDAP filter (users/groups are object found in a search with the provided filter)
# xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US

#-# Specifies the LDAP attribute containing the identifier to be used as the XWiki name
#-# The default is cn
xwiki.authentication.ldap.UID_attr=cn

#-# [Since 1.5M1]
#-# The potential LDAP groups classes. Separated by commas.
#-# The default is group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,posixGroup,apple-group
# xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,posixGroup,apple-group

#-# [Since 1.5M1]
#-# The potential names of the LDAP groups fields containings the members. Separated by commas.
#-# The default is member,uniqueMember,memberUid
# xwiki.authentication.ldap.group_memberfields=member,uniqueMember,memberUid

#-# Retrieve the following fields from LDAP and store them in the XWiki user object (xwiki-attribute=ldap-attribute)
#-# By default the list is empty
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail

#-# [Since 1.3M2]
#-# On every authentication update the mapped attributes from LDAP to XWiki otherwise this happens only once when the XWiki
#-# account is created.
#-# - 0: only when creating user
#-# - 1: at each authentication
#-# The default is 0
xwiki.authentication.ldap.update_user=1

Result 完成畫面

  • 一定要登入,才能看到畫面

Tomcat

  • service:sudo service tomcat7 restart
  • systemctl:sudo systemctl restart tomcat8

常用指令

  • start
  • stop
  • restart
  • status

Extensive Reading 延伸閱讀

  1. 介紹LDAP
  2. Ubuntu based GNU/Linux 上的防火牆 (ufw) 基本設定
  3. [PostgreSQL]

Reference 參考資料

  1. Install XWiki on Ubuntu 16.04
  2. 如何在Ubuntu 16.04上安装和配置XWiki
  3. LDAP Authenticator
  4. ubuntu 官方文件 - systemctl
  5. Installing XWiki .war package manually
  6. xwiki Installation

沒有留言:

張貼留言

本網站建議使用電腦或平板瀏覽