<!-- 
RSS generated by JIRA (9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b) at Mon Feb 12 01:09:23 CET 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>Magnolia - Issue tracker</title>
    <link>https://jira.magnolia-cms.com</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-uk</language>    <build-info>
        <version>9.4.2</version>
        <build-number>940002</build-number>
        <build-date>19-01-2023</build-date>
    </build-info>


<item>
            <title>[DOCU-469] Changes in ntlm 4.5 and 5 documentation</title>
                <link>https://jira.magnolia-cms.com/browse/DOCU-469</link>
                <project id="10190" key="DOCU">Documentation</project>
                    <description>&lt;p&gt;&lt;a href=&quot;http://documentation.magnolia-cms.com/display/DOCS45/NTLM+Connector+module&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://documentation.magnolia-cms.com/display/DOCS45/NTLM+Connector+module&lt;/a&gt; need to be improved.&lt;/p&gt;

&lt;p&gt;NTLM module which is compatible with 4.5 and 5 is version 1.1. &lt;a href=&quot;http://documentation.magnolia-cms.com/display/DOCS/NTLM+Connector+module&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://documentation.magnolia-cms.com/display/DOCS/NTLM+Connector+module&lt;/a&gt; can be same as for 4.5 there are no differences in setup.&lt;/p&gt;

&lt;p&gt;Because of conflict with guava library. Waffle needs guava 13.0.1 and it&apos;s incompatible with guava 10.0.1 witch is used by Magnolia. It&apos;s possible use NTLM module only whe SSO authentication via tomcat is enabled. This limitation should be fixed with Magnolia 5.2 see &lt;a href=&quot;https://jira.magnolia-cms.com/browse/MAGNOLIA-4847&quot; title=&quot;Upgrade to newer version of guava&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MAGNOLIA-4847&quot;&gt;&lt;del&gt;MAGNOLIA-4847&lt;/del&gt;&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Changes in &quot;To configure the module:&quot; section.&lt;/p&gt;

&lt;p&gt;1.Stop the application server(s) where you are deploying the module.&lt;br/&gt;
2.Copy the provided &lt;tt&gt;magnolia-module-ntlm&lt;/tt&gt; JAR file into &lt;tt&gt;WEB-INF/lib&lt;/tt&gt; directory inside your webapp. Location of this directory depends on the application server.&lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Tomcat: /webapps/magnoliaAuthor/WEB-INF/lib&lt;/li&gt;
	&lt;li&gt;JBoss: /server/default/deploy/magnoliaPublic/WEB-INF/lib&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;3.Copy provided &lt;tt&gt;jaas.policy&lt;/tt&gt; file into the magnoliaAuthor and magnoliaPublic directories.&lt;br/&gt;
4.Enable SSO authentication via Tomcat: &lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Copy provided &lt;tt&gt;context.xml&lt;/tt&gt; into &lt;tt&gt;magnoliaAuthor/META-INF&lt;/tt&gt; and &lt;tt&gt;magnoliaPublic/META-INF&lt;/tt&gt; directories.&lt;/li&gt;
	&lt;li&gt;Copy all JARs in bundle, with exception of the &lt;tt&gt;magnolia-module-ntlm&lt;/tt&gt; JAR and also only appropriate &lt;tt&gt;waffle-tomcat*&lt;/tt&gt; JAR, to CATALINA_HOME/lib.&lt;br/&gt;
    Note: If you use tomacat 6 then you need use &lt;tt&gt;waffle-tomcat6&lt;/tt&gt; JAR, if tomcat 7 then &lt;tt&gt;waffle-tomcat7&lt;/tt&gt; JAR. If you use different AS please find appropriate JAR at &lt;a href=&quot;https://oss.sonatype.org/content/repositories/releases/com/github/dblock/waffle/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://oss.sonatype.org/content/repositories/releases/com/github/dblock/waffle/&lt;/a&gt;&lt;/li&gt;
	&lt;li&gt;Copy all slf4j and its commons-logging wrapper JARs to CATALINA_HOME/lib.&lt;br/&gt;
    Note: These JARs (&lt;tt&gt;slf4j-log4j12&lt;/tt&gt;, &lt;tt&gt;slf4j-api&lt;/tt&gt; and &lt;tt&gt;jcl-over-slf4j&lt;/tt&gt;) will be located in the Tomcat installation directory in Magnolia Enterprise Edition in magnoliaAuthor/WEB-INF and magnoliaPublic/WEB-INF.&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;5. Set ssoSlave = true in your ad.properties file.&lt;br/&gt;
Note: ad.properties is contained within the LDAP connector bundle and is typically in the directory WEB-INF/config/ldap.&lt;/p&gt;

&lt;p&gt;6.Append following to jaas.config in magnoliaAuthor/WEB-INF/config and magnoliaPublic/WEB-INF/config:&lt;/p&gt;

&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
Jaas {
   waffle.jaas.WindowsLoginModule sufficient;
};
&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;

&lt;p&gt;7. Two ways how to avoid behavior when logged user can change his identity to another user without knowing the password&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Disable &lt;tt&gt;Config:/server/filters/login/form&lt;/tt&gt; (info.magnolia.cms.security.auth.login.FormLogin) handler&lt;/li&gt;
	&lt;li&gt;Split &lt;tt&gt;info.magnolia.jaas.sp.jcr.JCRAuthenticationModule&lt;/tt&gt; and &lt;tt&gt;info.magnolia.jaas.sp.ldap.ADAuthenticationModulejaas&lt;/tt&gt; into different jaas login chain&lt;br/&gt;
      Example: Add &lt;tt&gt;jaasChain&lt;/tt&gt; property to &lt;tt&gt;Config:/server/filters/login/ntlm/&lt;/tt&gt; with value &lt;tt&gt;magnolia-ntlm&lt;/tt&gt;. Then change your jaas.config to:&lt;/li&gt;
&lt;/ul&gt;


      &lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
magnolia {
  info.magnolia.jaas.sp.jcr.JCRAuthenticationModule required;
  info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required;
};

magnolia-ntlm {
  info.magnolia.jaas.sp.ldap.ADAuthenticationModule required realm=external;
  info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required;
};

Jaas {
  waffle.jaas.WindowsLoginModule sufficient;
};
&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;


&lt;p&gt;Changes in &lt;a href=&quot;http://documentation.magnolia-cms.com/display/DOCS45/NTLM+Connector+module#NTLMConnectormodule-Howitworks&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&quot;How it works&quot;&lt;/a&gt; section.&lt;/p&gt;

&lt;blockquote&gt;&lt;p&gt;Client callbacks are added for URI and content security filters. ...&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;It&apos;s not true anymore instead of NTLM client callback is added into securityCallback Configuration:/server/filters/securityCallback/clientCallbacks/ntlm&lt;/p&gt;</description>
                <environment></environment>
        <key id="33082">DOCU-469</key>
            <summary>Changes in ntlm 4.5 and 5 documentation</summary>
                <type id="4" iconUrl="https://jira.magnolia-cms.com/secure/viewavatar?size=xsmall&amp;avatarId=10890&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/priorities/neutral.gif">Neutral</priority>
                        <status id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are not closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="1">Fixed</resolution>
                                        <assignee username="ahietala">Antti Hietala</assignee>
                                    <reporter username="mdivilek">Milan Divilek</reporter>
                        <labels>
                    </labels>
                <created>Thu, 12 Sep 2013 16:54:32 +0200</created>
                <updated>Tue, 7 Oct 2014 10:22:04 +0200</updated>
                            <resolved>Tue, 7 Oct 2014 09:29:28 +0200</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="72128" author="rkovarik" created="Tue, 22 Oct 2013 09:28:56 +0200"  >&lt;blockquote&gt;
&lt;p&gt;Security&lt;/p&gt;

&lt;p&gt;To avoid logged in users bypassing password requirement and changing identity:&lt;/p&gt;

&lt;ol&gt;
	&lt;li&gt;Disable Config:/server/filters/login/form (info.magnolia.cms.security.auth.login.FormLogin) handler&lt;/li&gt;
	&lt;li&gt;Split info.magnolia.jaas.sp.jcr.JCRAuthenticationModule and info.magnolia.jaas.sp.ldap.ADAuthenticationModulejaas into separate jaas login chains&lt;/li&gt;
	&lt;li&gt;For example, add jaasChain property to Config:/server/filters/login/ntlm/ with value magnolia-ntlm. Then change your jaas.config to:&lt;/li&gt;
&lt;/ol&gt;
&lt;/blockquote&gt;

&lt;p&gt;There&apos;s extra &apos;3&apos; which could be misleading. Otherwise seems OK. &lt;/p&gt;</comment>
                            <comment id="92280" author="ruths" created="Tue, 7 Oct 2014 09:29:10 +0200"  >&lt;p&gt;Documented at:&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;&lt;a href=&quot;http://documentation.magnolia-cms.com/display/DOCS/NTLM+Connector+module&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://documentation.magnolia-cms.com/display/DOCS/NTLM+Connector+module&lt;/a&gt;&lt;/li&gt;
	&lt;li&gt;&lt;a href=&quot;http://documentation.magnolia-cms.com/display/DOCS45/NTLM+Connector+module&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://documentation.magnolia-cms.com/display/DOCS45/NTLM+Connector+module&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10010">
                    <name>relation</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="32987">MGNLNTLM-5</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                            <customfield id="customfield_14166" key="com.okapya.jira.checklist:checklist">
                        <customfieldname>Acceptance criteria</customfieldname>
                        <customfieldvalues>
                            
        <checklist>
        <![CDATA[
                            




                
                                    <div class="o-completion" style="display: flex; flex-shrink: 0;"><span  class="aui-lozenge aui-lozenge-complete" style="font-size: 12px; font-weight: normal; display: flex; flex-direction: row; align-items: center;" ><span style="padding-right: 4px; vertical-align: middle;"><svg width="15" height="15" viewBox="0 0 15 15" xmlns="http://www.w3.org/2000/svg" fill="white"><path clip-rule="evenodd" d="m10.41037,3.42544l-7.86501,0c-0.72395,0 -1.31084,0.58688 -1.31084,1.31084l0,7.86508c0,0.7239 0.58689,1.3108 1.31084,1.3108l7.86501,0c0.724,0 1.3109,-0.5869 1.3109,-1.3108l0,-7.86508c0,-0.72396 -0.5869,-1.31084 -1.3109,-1.31084zm-7.86501,-0.65542c-1.08593,0 -1.96626,0.88032 -1.96626,1.96626l0,7.86508c0,1.0859 0.88033,1.9662 1.96626,1.9662l7.86501,0c1.086,0 1.9663,-0.8803 1.9663,-1.9662l0,-7.86508c0,-1.08594 -0.8803,-1.96626 -1.9663,-1.96626l-7.86501,0z" fill-rule="evenodd"/><path d="m5.09049,10.18526l-1.82767,-1.82766l-0.78479,0.78479l2.61246,2.61246l5.38758,-5.38754l-0.78483,-0.78479l-4.60275,4.60274z"/></svg></span><span>Empty</span></span></div>
                        ]]>
    </checklist>


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10111" key="com.atlassian.jira.toolkit:reporterdomain">
                        <customfieldname>Company</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>magnolia-cms.com</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10031" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Fri, 11 Oct 2013 13:38:58 +0200</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_12730" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_14151" key="com.atlassian.jira.toolkit:message">
                        <customfieldname>Docu info</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10061" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comm is not jira-dev</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10071" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last participant</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>mmuehlebach</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_13136" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            9 years, 19 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10020" key="com.atlassian.jira.toolkit:attachments">
                        <customfieldname>Number of attachments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10150" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname>Number of comments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>ahietala</customfieldvalue>
            <customfieldvalue>mdivilek</customfieldvalue>
            <customfieldvalue>rkovarik</customfieldvalue>
            <customfieldvalue>ruths</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10833" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i023gn:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10244" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>12287</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14145" key="com.intenso.jira.issue-templates:issue-templates-customfield">
                        <customfieldname>Template</customfieldname>
                        <customfieldvalues>
                            


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_15131" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Time in Discovery</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>