[jira] [Commented] (METRON-1844) Allow for LDAP to be used for authentication and roles

Tue, 30 Oct 2018 03:56:29 -0700 


    [ 
https://issues.apache.org/jira/browse/METRON-1844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16668528#comment-16668528
 ] 

ASF GitHub Bot commented on METRON-1844:
----------------------------------------

Github user anandsubbu commented on a diff in the pull request:

    https://github.com/apache/metron/pull/1246#discussion_r229259363
  
    --- Diff: 
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/params/params_linux.py
 ---
    @@ -267,6 +274,21 @@
         if 'solr-config-env' in config['configurations']:
             solr_principal_name = solr_principal_name.replace('_HOST', 
hostname_lowercase)
     
    +# LDAP
    +metron_ldap_url = 
config['configurations']['metron-security-env']['metron.ldap.url']
    +metron_ldap_userdn = 
config['configurations']['metron-security-env']['metron.ldap.bind.dn']
    +metron_ldap_password = 
config['configurations']['metron-security-env']['metron.ldap.bind.password']
    +metron_ldap_user_pattern = 
config['configurations']['metron-security-env']['metron.ldap.user.dnpattern']
    +metron_ldap_user_password = 
config['configurationsmetron_spring_profiles_active']['metron-security-env']['metron.ldap.user.password']
    --- End diff --
    
    Looks like a mispaste. `metron_spring_profiles_active` should be removed.


> Allow for LDAP to be used for authentication and roles
> ------------------------------------------------------
>
>                 Key: METRON-1844
>                 URL: https://issues.apache.org/jira/browse/METRON-1844
>             Project: Metron
>          Issue Type: New Feature
>            Reporter: Justin Leet
>            Assignee: Justin Leet
>            Priority: Major
>
> Based on Simon's work from the SSO feature branch, we can pull the LDAP 
> portions out in a more standalone manner.
> This should
>  * Letting users optionally use LDAP. Backwards-compatibility should be 
> maintained for JDBC purposes.
>  * Provide the configs necessary for SSL (this is just providing the 
> truststore args, Spring takes care of the actual connection)
>  * Be configured via Ambari
>  * Ensure roles can be mapped appropriately (e.g. ROLE_ADMIN and ROLE_USER).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to