Question

We have a wikiname issue. In the cache.db file, for Ldap Contrib, wikinames have been generated in all caps with the surname before the first name(The 'backwards' issue has been resolved). Here's an example of my info, as it appears throughout the cache file:

cn=shiva.goudarzi, cn=employees, cn=users, dc=woozer, dc=com 
U2DN::shiva.goudarzi
shiva.goudarziDN2U::cn=shiva.goudarzi,cn=employees,cn=users,dc=woozer,dc=com
shiva.goudarziDN2U::cn=shiva.goudarzi,cn=employees,cn=users,dc=woozer,dc=com
shiva.goudarziW2U::SHIVAGOUDARZI
SHIVAGOUDARZIU2W::shiva.goudarzi
shiva.goudarzi@woozer.comU2EMAILS::shiva.goudarzi
cn=shiva.goudarzi,cn=employees,cn=users,dc=woozer,dc=comU2DN::shiva.goudarzi
SHIVAGOUDARZIU2W::shiva.goudarzi
shiva.goudarziDN2U::cn=shiva.goudarzi,cn=employees,cn=users,dc=woozer,dc=com
shiva.goudarziDN2U::cn=shiva.goudarzi,cn=employees,cn=users,dc=woozer,dc=com

Here are my config settings:

$TWiki::cfg{DefaultUrlHost} = 'http://wiki.woozer.com';
$TWiki::cfg{PermittedRedirectHostUrls} = '';
$TWiki::cfg{ScriptUrlPath} = '/twiki/bin';
$TWiki::cfg{PubUrlPath} = '/twiki/pub';
$TWiki::cfg{PubDir} = '/oracle/twiki/pub';
$TWiki::cfg{TemplateDir} = '/oracle/twiki/templates';
$TWiki::cfg{DataDir} = '/oracle/twiki/data';
$TWiki::cfg{LocalesDir} = '/oracle/twiki/locale';
$TWiki::cfg{WorkingDir} = '/oracle/twiki/working';
$TWiki::cfg{ScriptSuffix} = '';
$TWiki::cfg{Password} = 'secret';
$TWiki::cfg{SafeEnvPath} = '/bin:/usr/bin';
$TWiki::cfg{UseClientSessions} = 1;
$TWiki::cfg{Sessions}{ExpireAfter} = 21600;
$TWiki::cfg{Sessions}{ExpireCookiesAfter} = 0;
$TWiki::cfg{Sessions}{IDsInURLs} = 0;
$TWiki::cfg{Sessions}{UseIPMatching} = 1;
$TWiki::cfg{Sessions}{MapIP2SID} = 0;
$TWiki::cfg{LoginManager} = 'TWiki::LoginManager::TemplateLogin';
$TWiki::cfg{LoginNameFilterIn} = '^[^\\s\\*?~^\\$@%`"\'&;|<>\\x00-\\x1f]+$';
$TWiki::cfg{DefaultUserLogin} = 'guest';
$TWiki::cfg{DefaultUserWikiName} = 'TWikiGuest';
$TWiki::cfg{AdminUserLogin} = 'admin';
$TWiki::cfg{AdminUserWikiName} = 'TWikiAdminUser';
$TWiki::cfg{SuperAdminGroup} = 'TWikiAdminGroup';
$TWiki::cfg{UsersTopicName} = 'TWikiUsers';
$TWiki::cfg{AuthScripts} = 'attach,edit,manage,rename,save,upload,viewauth,rdiffauth,rest';
$TWiki::cfg{AuthRealm} = 'Enter your TWiki.LoginName. (Typically First name and last name, no space, no dots, capitalized, e.g. !JohnSmith, unless you chose otherwise). Visit TWiki.TWikiRegistration if you do not have one.';
$TWiki::cfg{UserMappingManager} = 'TWiki::Users::LdapUserMapping';
$TWiki::cfg{Register}{EnableNewUserRegistration} = 1;
$TWiki::cfg{Register}{HidePasswd} = 1;
$TWiki::cfg{PasswordManager} = 'TWiki::Users::LdapUser';
$TWiki::cfg{MinPasswordLength} = 5;
$TWiki::cfg{Htpasswd}{FileName} = '/oracle/twiki/data/.htpasswd';
$TWiki::cfg{Htpasswd}{Encoding} = 'crypt';
$TWiki::cfg{OS} = 'UNIX';
$TWiki::cfg{DetailedOS} = 'linux';
$TWiki::cfg{DenyDotDotInclude} = 1;
$TWiki::cfg{AllowInlineScript} = 1;
$TWiki::cfg{UploadFilter} = '^(\\.htaccess|.*\\.(?i)(?:php[0-9s]?(\\..*)?|[sp]htm[l]?(\\..*)?|pl|py|cgi))$';
$TWiki::cfg{NameFilter} = '[\\s\\*?~^\\$@%`"\'&;|<>\\[\\]\\x00-\\x1f]';
$TWiki::cfg{AccessibleENV} = '^(HTTP_\\w+|REMOTE_\\w+|SERVER_\\w+|REQUEST_\\w+|MOD_PERL)$';
$TWiki::cfg{AntiSpam}{EmailPadding} = '';
$TWiki::cfg{AntiSpam}{HideUserDetails} = 1;
$TWiki::cfg{AntiSpam}{RobotsAreWelcome} = 1;
$TWiki::cfg{Log}{view} = 1;
$TWiki::cfg{Log}{search} = 1;
$TWiki::cfg{Log}{changes} = 1;
$TWiki::cfg{Log}{rdiff} = 1;
$TWiki::cfg{Log}{edit} = 1;
$TWiki::cfg{Log}{save} = 1;
$TWiki::cfg{Log}{upload} = 1;
$TWiki::cfg{Log}{attach} = 1;
$TWiki::cfg{Log}{rename} = 1;
$TWiki::cfg{Log}{register} = 1;
$TWiki::cfg{ConfigurationLogName} = '/oracle/twiki/data/configurationlog.txt';
$TWiki::cfg{DebugFileName} = '/oracle/twiki/data/debug.txt';
$TWiki::cfg{WarningFileName} = '/oracle/twiki/data/warn%DATE%.txt';
$TWiki::cfg{LogFileName} = '/oracle/twiki/data/log%DATE%.txt';
$TWiki::cfg{Languages}{es}{Enabled} = 1;
$TWiki::cfg{Languages}{cs}{Enabled} = 1;
$TWiki::cfg{Languages}{pt}{Enabled} = 1;
$TWiki::cfg{Languages}{fr}{Enabled} = 1;
$TWiki::cfg{Languages}{ru}{Enabled} = 1;
$TWiki::cfg{Languages}{sv}{Enabled} = 1;
$TWiki::cfg{Languages}{it}{Enabled} = 1;
$TWiki::cfg{Languages}{da}{Enabled} = 1;
$TWiki::cfg{Languages}{jp}{Enabled} = 1;
$TWiki::cfg{Languages}{'zh-cn'}{Enabled} = 1;
$TWiki::cfg{Languages}{bg}{Enabled} = 1;
$TWiki::cfg{Languages}{pl}{Enabled} = 1;
$TWiki::cfg{Languages}{nl}{Enabled} = 1;
$TWiki::cfg{Languages}{'zh-tw'}{Enabled} = 1;
$TWiki::cfg{Languages}{de}{Enabled} = 1;
$TWiki::cfg{DisplayTimeValues} = 'servertime';
$TWiki::cfg{DefaultDateFormat} = '$day $month $year';
$TWiki::cfg{Site}{Locale} = 'en_US.ISO-8859-1';
$TWiki::cfg{Site}{LocaleRegexes} = 1;
$TWiki::cfg{UpperNational} = '';
$TWiki::cfg{LowerNational} = '';
$TWiki::cfg{PluralToSingular} = 1;
$TWiki::cfg{StoreImpl} = 'RcsWrap';
$TWiki::cfg{RCS}{ExtOption} = '';
$TWiki::cfg{RCS}{dirPermission} = 493;
$TWiki::cfg{RCS}{filePermission} = 420;
$TWiki::cfg{Store}{RememberChangesFor} = 2678400;
$TWiki::cfg{RCS}{asciiFileSuffixes} = '\\.(txt|html|xml|pl)$';
$TWiki::cfg{RCS}{initBinaryCmd} = '/usr/bin/rcs  -i -t-none -kb %FILENAME|F%';
$TWiki::cfg{RCS}{initTextCmd} = '/usr/bin/rcs  -i -t-none -ko %FILENAME|F%';
$TWiki::cfg{RCS}{tmpBinaryCmd} = '/usr/bin/rcs  -kb %FILENAME|F%';
$TWiki::cfg{RCS}{ciCmd} = '/usr/bin/ci  -m%COMMENT|U% -t-none -w%USERNAME|S% -u %FILENAME|F%';
$TWiki::cfg{RCS}{ciDateCmd} = '/usr/bin/ci  -m%COMMENT|U% -t-none -d%DATE|D% -u -w%USERNAME|S% %FILENAME|F%';
$TWiki::cfg{RCS}{coCmd} = '/usr/bin/co  -p%REVISION|N% -ko %FILENAME|F%';
$TWiki::cfg{RCS}{histCmd} = '/usr/bin/rlog  -h %FILENAME|F%';
$TWiki::cfg{RCS}{infoCmd} = '/usr/bin/rlog  -r%REVISION|N% %FILENAME|F%';
$TWiki::cfg{RCS}{rlogDateCmd} = '/usr/bin/rlog  -d%DATE|D% %FILENAME|F%';
$TWiki::cfg{RCS}{diffCmd} = '/usr/bin/rcsdiff  -q -w -B -r%REVISION1|N% -r%REVISION2|N% -ko --unified=%CONTEXT|N% %FILENAME|F%';
$TWiki::cfg{RCS}{lockCmd} = '/usr/bin/rcs  -l %FILENAME|F%';
$TWiki::cfg{RCS}{unlockCmd} = '/usr/bin/rcs  -u %FILENAME|F%';
$TWiki::cfg{RCS}{breaklockCmd} = '/usr/bin/rcs  -u -M %FILENAME|F%';
$TWiki::cfg{RCS}{delRevCmd} = '/usr/bin/rcs  -o%REVISION|N% %FILENAME|F%';
$TWiki::cfg{RCS}{SearchAlgorithm} = 'TWiki::Store::SearchAlgorithms::Forking';
$TWiki::cfg{RCS}{QueryAlgorithm} = 'TWiki::Store::QueryAlgorithms::BruteForce';
$TWiki::cfg{RCS}{EgrepCmd} = '/bin/grep -E %CS{|-i}% %DET{|-l}% -H -- %TOKEN|U% %FILES|F%';
$TWiki::cfg{RCS}{FgrepCmd} = '/bin/grep -F %CS{|-i}% %DET{|-l}% -H -- %TOKEN|U% %FILES|F%';
$TWiki::cfg{EnableHierarchicalWebs} = 1;
$TWiki::cfg{SystemWebName} = 'TWiki';
$TWiki::cfg{TrashWebName} = 'Trash';
$TWiki::cfg{UsersWebName} = 'Main';
$TWiki::cfg{EnableEmail} = 1;
$TWiki::cfg{WebMasterEmail} = 'shiva.goudarzi@woozer.com';
$TWiki::cfg{WebMasterName} = 'TWiki Administrator';
$TWiki::cfg{MailProgram} = '/usr/sbin/sendmail -t -oi -oeq';
$TWiki::cfg{SMTP}{MAILHOST} = 'mailout.woozer.com';
$TWiki::cfg{SMTP}{SENDERHOST} = '';
$TWiki::cfg{SMTP}{Username} = '';
$TWiki::cfg{SMTP}{Password} = '';
$TWiki::cfg{RemoveImgInMailnotify} = 1;
$TWiki::cfg{NotifyTopicName} = 'WebNotify';
$TWiki::cfg{SMTP}{Debug} = 1;
$TWiki::cfg{PROXY}{HOST} = '';
$TWiki::cfg{PROXY}{PORT} = '';
$TWiki::cfg{Stats}{TopViews} = 10;
$TWiki::cfg{Stats}{TopContrib} = 10;
$TWiki::cfg{Stats}{TopicName} = 'WebStatistics';
$TWiki::cfg{TemplatePath} = '/oracle/twiki/templates/$web/$name.$skin.tmpl, /oracle/twiki/templates/$name.$skin.tmpl, /oracle/twiki/templates/$web/$name.tmpl, /oracle/twiki/templates/$name.tmpl, $web.$skinSkin$nameTemplate, TWiki.$skinSkin$nameTemplate, $web.$nameTemplate, TWiki.$nameTemplate';
$TWiki::cfg{LinkProtocolPattern} = '(file|ftp|gopher|https|http|irc|mailto|news|nntp|telnet)';
$TWiki::cfg{SiteWebTopicName} = '';
$TWiki::cfg{SitePrefsTopicName} = 'TWikiPreferences';
$TWiki::cfg{LocalSitePreferences} = 'Main.TWikiPreferences';
$TWiki::cfg{HomeTopicName} = 'WebHome';
$TWiki::cfg{WebPrefsTopicName} = 'WebPreferences';
$TWiki::cfg{NumberOfRevisions} = 4;
$TWiki::cfg{ReplaceIfEditedAgainWithin} = 3600;
$TWiki::cfg{LeaseLength} = 3600;
$TWiki::cfg{LeaseLengthLessForceful} = 3600;
$TWiki::cfg{MimeTypesFileName} = '/oracle/twiki/data/mime.types';
$TWiki::cfg{Plugins}{CommentPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{EditTablePlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{InterwikiPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{PreferencesPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{SlideShowPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{SmiliesPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{SpreadSheetPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{TablePlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{TinyMCEPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{TwistyPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{WysiwygPlugin}{Enabled} = 1;
$TWiki::cfg{PluginsOrder} = 'SpreadSheetPlugin';
$TWiki::cfg{ExtensionsRepositories} = 'TWiki.org=(http://twiki.org/cgi-bin/view/Plugins/,http://twiki.org/p/pub/Plugins/)';
$TWiki::cfg{MailerContrib}{EmailFilterIn} = '';
$TWiki::cfg{Site}{CharSet} = 'iso-8859-1';
$TWiki::cfg{Site}{Lang} = 'en';
$TWiki::cfg{Site}{FullLang} = 'en-us';
$TWiki::cfg{UseLocale} = 1;
$TWiki::cfg{Plugins}{LdapNgPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{NewUserPlugin}{Enabled} = 1;
$TWiki::cfg{Ldap}{Host} = 'ldap.woozer.com';
$TWiki::cfg{Ldap}{Port} = 389;
$TWiki::cfg{Ldap}{Version} = '3';
$TWiki::cfg{Ldap}{Base} = 'cn=users,dc=woozer,dc=com';
$TWiki::cfg{Ldap}{BindDN} = 'cn=admin';
$TWiki::cfg{Ldap}{BindPassword} = 'secret';
$TWiki::cfg{Ldap}{UseSASL} = 0;
$TWiki::cfg{Ldap}{SASLMechanism} = 'PLAIN CRAM-MD5 EXTERNAL ANONYMOUS';
$TWiki::cfg{Ldap}{Debug} = 1;
$TWiki::cfg{Ldap}{UserBase} = 'cn=users,dc=woozer,dc=com';
$TWiki::cfg{Ldap}{LoginFilter} = 'objectClass=inetOrgPerson';
$TWiki::cfg{Ldap}{LoginAttribute} = 'uid';
$TWiki::cfg{Ldap}{WikiNameAttribute} = 'givenName, sn';
$TWiki::cfg{Ldap}{NormalizeWikiNames} = 1;
$TWiki::cfg{Ldap}{NormalizeLoginName} = 0;
$TWiki::cfg{Ldap}{AllowChangePassword} = 0;
$TWiki::cfg{Ldap}{SecondaryPasswordManager} = 'none';
$TWiki::cfg{Ldap}{GroupBase} = 'cn=groups,dc=woozer,dc=com';
$TWiki::cfg{Ldap}{GroupFilter} = 'objectClass=posixGroup';
$TWiki::cfg{Ldap}{GroupAttribute} = 'cn';
$TWiki::cfg{Ldap}{MemberAttribute} = 'memberUid';
$TWiki::cfg{Ldap}{MemberIndirection} = 1;
$TWiki::cfg{Ldap}{TWikiGroupsBackoff} = 1;
$TWiki::cfg{Ldap}{NormalizeGroupName} = 0;
$TWiki::cfg{Ldap}{MapGroups} = 1;
$TWiki::cfg{Ldap}{MaxCacheAge} = 0;
$TWiki::cfg{Ldap}{PageSize} = 500;
$TWiki::cfg{Ldap}{Exclude} = 'TWikiGuest, TWikiContributor, TWikiRegistrationAgent, TWikiAdminGroup, NobodyGroup, JohnDoe, JaneDoe';
$TWiki::cfg{Register}{AllowLoginName} = 1;
$TWiki::cfg{Plugins}{DebugLogPlugin}{Enabled} = 1;
$TWiki::cfg{Plugins}{GluePlugin}{Enabled} = 1;
1;

We authenticate with LDAP against Oracle's OID server. This issue does not apply to TWiki v4.1.2, which we've downgraded to on our test server.

Where can we modify the code to force proper wikiname syntax? and How can we force proper concatenation of givenName and surname?

Concatenation of givenName & surname works fine; the all caps format is the main issue because it creates many problems. For instance, if I were to place SHIVAGOUDARZI wikiname in TWikiAdminGroup, the system does not register Shiva as part of the admin group. Access control, it seems, is only effective with topics that are in proper wikiname syntax.

Our givenName & surname fields within OID are populated with values written in all caps. Does the capitalization of ldap values affect the generation of wikinames for anyone else?

This was considered a bug, in the last release, but is still a bug now.

Any help would be appreciated.

Environment

-- ShivaGoudarzi - 19 Mar 2008

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

Hi Shiva, can you reopen Bugs:Item4205, or even better file a new one, please. I will have to take a look at it. Best to collect all those issues in the bugtracker. Thanks.

-- MichaelDaum - 22 Mar 2008

Hi Michael, I filed a new report at Bugs:Item5470.

Also, we no longer face the backwards wikiname issue.

-- ShivaGoudarzi - 24 Mar 2008

If you look at the field values on the LDAP server (e.g., with SofTerra LDAP browser), are the field givenName and sn populated? Depending on how your LDAP administrator has set things up, you may need to use another field (or fields), e.g., sAMAccountname.

-- SeanCMorgan - 25 Mar 2008

Hi Sean, The fields are definitely populated, and we resolved the backwards wikiname issue. Currently, we face the problem of all upper case letters in wikiname. Any ideas on how to force proper wiki syntax?

-- ShivaGoudarzi - 26 Mar 2008

The fact that it works for you on 4.1 but not 4.2 may be environmental, something different about how you have set those up.

Looking at the code, it's as if the ucfirst function isn't working. From the Perl documentation, one way I can see that happening is if your locale has changed. Can you see if these Configuration values are the same between your two environments?

• {UseLocale}
• {Site}{Locale}
• {Site}{CharSet}
• {Site}{Lang}
• {Site}{FullLang}

-- SeanCMorgan - 27 Mar 2008

Hi Sean,

Thank you for responding; I updated the question, as well as our config settings. I also updated the Bugs:Item5470 to reflect current info.

We followed your suggestion, and found that indeed the config values were not identical in both environments. However, after modifying them to be consistent, we still were faced with the discrepancy between 4.1.2 and 4.2.0.

4.1.2 vs. 4.2.0: The all-caps wikiname problem occurs both in 4.1.2 and 4.2.0--meaning the cache of LdapContrib generates wiki names by concatenating the givenName and sn, in the exact format existing within OID. The values within these two fields are in uppercase letters for most of our users; only a handful have the proper capitalization (e.g., only first letter of each name in uppercase). So it looks like the process in which wikinames are generated is not case sensitive, even though it probably should be, since proper syntax is implied when considering the concept of generated wikinames.

The difference between 4.1.2 and 4.2.0, with regards to case sensitivity, is that 4.1.2 allows for case insensitive login that maps to the user's corresponding wikiname, as designated in the LdapContrib cache.

In 4.2.0, on the other hand, login names seem to be case sensitive in TWiki, and instead of pulling a wikiname from the cache, it creates another one based on the login name capitalization. This seems abnormal because it's bypassing the LdapContrib cache.

-- ShivaGoudarzi - 28 Mar 2008

1. I believe you meant Bugs:Item5470
2. For some reason I'm not auththorized to view TWiki:Main.ShivaGoudarzi, even when I'm logged in. Maybe you could copy the relevant details from there to the bug report?
3. I wonder if you used {Ldap}{NormalizeLoginName} = 1 if the WikiNames would be generated properly? (CamelCase names, like MacDonald, might still break though). That would require modifying LdapContrib.pm to add the ucfirst function from "sub normalizeWikiName" to "sub normalizeLoginName", like so:

   Replace return $name; with:

     my $LoginName = '';
     foreach my $part (split(/[^$TWiki::regex{mixedAlphaNum}]/, $name)) {
       $LoginName.= ucfirst($part);
     }
   
     return $LoginName;

Hi Sean; our login names are sometimes alphanumeric--and our wikinames are supposed to be generated based on givenName and sn, not login name. I'm not sure if I misunderstood your suggestion; could you please clarify?

-- ShivaGoudarzi - 03 Apr 2008

We've resolved the issue of wikinames in all caps by altering the LdapContrib PM file.

Lines 833-848:

if ($this->{normalizeWikiName}) {
      $this->writeDebug("XXXXX: wikiName before normalize: $wikiName");
      $wikiName .= $this->normalizeWikiName($value);
      $this->writeDebug("YYYYY: wikiName after normalize: $wikiName");
    } else {
      $wikiName .= $value;
    }
  }
  $wikiName ||= $loginName;
  if (defined($wikiNames->{$wikiName})) {
    $this->writeDebug("WARNING: $dn clashes with wikiName $wikiNames->{$wikiName} on $wikiName");
    $this->writeDebug("WARNING: trying renaming the wikiName $dn to $dn + $loginName ");
    $wikiName .= $loginName;
    $this->writeDebug("WARNING: ZZZZZ new wikiName is $wikiName");
    #return 0;
  }

Lines 971-979:

my $wikiName = '';
  foreach my $part (split(/[^$TWiki::regex{mixedAlphaNum}]/, $name)) {
    my $partName = lc($part);
    $wikiName .= ucfirst($partName);
#    $wikiName .= ucfirst($part);
   }

  return $wikiName;
}

Now we have the login name case sensitivity issue to address, which prevents a login name from mapping to the appropriate wikinames stored in ldap cache.db file.

-- ShivaGoudarzi - 16 Apr 2008

It could've just been a matter of removing the extra 's'. How nice. We were better off changing the code; this modification did not help our situation.

-- ShivaGoudarzi - 16 Apr 2008