Vipin Rathor created ZEPPELIN-2657:
--------------------------------------
Summary: Add group search filter option to LdapRealm
Key: ZEPPELIN-2657
URL: https://issues.apache.org/jira/browse/ZEPPELIN-2657
Project: Zeppelin
Issue Type: Bug
Components: zeppelin-server
Affects Versions: 0.7.2, 0.8.0
Reporter: Vipin Rathor
Problem:
While performing LDAP authentication, current Shiro module does a group=*
search while trying to get group-to-role mapping for any LDAP user. On a large
LDAP directory, this is a serious problem which might render RolesByGroup
feature not working as expected.
Fix:
Currently while doing LDAP authentication, there is no available option to
limit the group search results to the only groups that user is interested in.
This bug addresses the same and adds group search filter to Shiro configuration
for LdapRealm which will allow user to define a search filter and limit the
group search results.
Example:
{code:java}
ldapRealm = org.apache.zeppelin.realm.LdapRealm
...
...
ldapRealm.groupSearchFilter = (&(objectclass=groupofnames)(member={0}))
...
{code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
