Channels
acryl-omnisend
advice-data-governance
advice-metadata-modeling
all-things-datahub-in-windows
all-things-deployment
announcements
authentication-authorization
chatter
column-level-lineage
contribute
contribute-datahub-blog
data-council-workshop-2023
datahub-soda-test
demo-slack-notifications
design-business-glossary
design-data-product-entity
design-data-quality
design-datahub-documentation
design-dataset-access-requests
design-dataset-joins
feature-requests
flyte-datahub-integration
getting-started
github-activities
help-
i18n-community-contribution
ingestion
integration-alteryx-datahub
integration-azure-datahub
integration-dagster-datahub
integration-databricks-datahub
integration-datastudio-datahub
integration-iceberg-datahub
integration-powerbi-datahub
integration-prefect-datahub
integration-protobuf
integration-tableau-datahub
integration-vertica-datahub
introduce-yourself
jobs
metadata-day22-hackathon
muti-tenant-deployment
office-hours
openapi
plugins
show-and-tell
talk-data-product-management
troubleshoot
ui
Title
g
great-motherboard-71467
08/12/2022, 1:31 PMHi Team,
I`m trying to integrate authentication for frontend UI with LDAP server
I have following config provided in to the jaas.conf
WHZ-Authentication {
com.sun.security.auth.module.LdapLoginModule sufficient
userProvider="<ldaps://ldaps.some.server.eu/dc=some,dc=domain,dc=com>"
authIdentity="{USERNAME}@some.domain.com"
userFilter="uid={USERNAME},cn=users,cn=accounts,dc=some,dc=domain,dc=com"
java.naming.security.authentication="simple"
debug="true"
useSSL="true";
};datahub-frontend-react | [LdapLoginModule] authentication-first mode; SSL enabled
datahub-frontend-react | [LdapLoginModule] user provider: <ldaps://ldaps.some.server.eu/cn=users,cn=accounts,dc=some,dc=domain,dc=com>
datahub-frontend-react | 13:06:46 [application-akka.actor.default-dispatcher-2] ERROR application - The submitted callback is of type: class javax.security.auth.callback.NameCallback : javax.security.auth.callback.NameCallback@332d2227
datahub-frontend-react | 13:06:46 [application-akka.actor.default-dispatcher-2] ERROR application - The submitted callback is of type: class javax.security.auth.callback.PasswordCallback : javax.security.auth.callback.PasswordCallback@7dbea6b9
datahub-frontend-react | [LdapLoginModule] attempting to authenticate user: some_test_user
datahub-frontend-react | [LdapLoginModule] authentication failed
datahub-frontend-react | [LdapLoginModule] aborted authenticationjava.naming.security.principal=
java.naming.security.credential=ldapsearch -H <ldaps://ldaps.some.server.eu> -x -b dc=some,dc=domain,dc=com '(&(objectClass=person)(uid=some_test_user))'Updating and answering to my self, for future purposes.
I were able to authenticate to LDAP after reading the whole documentation
https://docs.oracle.com/javase/8/docs/jre/api/security/jaas/spec/com/sun/security/auth/module/LdapLoginModule.html
It`s allowed me to login after using following configuration:
WHZ-Authentication {
com.sun.security.auth.module.LdapLoginModule sufficient
userProvider="<ldaps://ldaps.some.server.eu:636/cn=users,cn=accounts,dc=some,dc=domain,dc=com>"
authzIdentity="{USERNAME}"
userFilter="(&(objectClass=person)(uid={USERNAME}))"
java.naming.security.authentication="simple"
debug="true"
useSSL="true";
};authzIdentity="{USERNAME}"authzIdentity=authz_idauthz_idUserPrincipalSubject