Hi Team I`m trying to integrate authentication for frontend DataHub #troubleshoot

Hi Team, I`m trying to integrate authentication f...

great-motherboard-71467

08/12/2022, 1:31 PM

Hi Team, I`m trying to integrate authentication for frontend UI with LDAP server I have following config provided in to the jaas.conf

Copy code

WHZ-Authentication {
  com.sun.security.auth.module.LdapLoginModule sufficient
  userProvider="<ldaps://ldaps.some.server.eu/dc=some,dc=domain,dc=com>"
  authIdentity="{USERNAME}@some.domain.com"
  userFilter="uid={USERNAME},cn=users,cn=accounts,dc=some,dc=domain,dc=com"
  java.naming.security.authentication="simple"
  debug="true"
  useSSL="true";
};

Whatever i`m changing inside of this config for example port setting to :636 I`m ending with following error

Copy code

datahub-frontend-react    |             [LdapLoginModule] authentication-first mode; SSL enabled
datahub-frontend-react    |             [LdapLoginModule] user provider: <ldaps://ldaps.some.server.eu/cn=users,cn=accounts,dc=some,dc=domain,dc=com>
datahub-frontend-react    | 13:06:46 [application-akka.actor.default-dispatcher-2] ERROR application - The submitted callback is of type: class javax.security.auth.callback.NameCallback : javax.security.auth.callback.NameCallback@332d2227
datahub-frontend-react    | 13:06:46 [application-akka.actor.default-dispatcher-2] ERROR application - The submitted callback is of type: class javax.security.auth.callback.PasswordCallback : javax.security.auth.callback.PasswordCallback@7dbea6b9
datahub-frontend-react    |             [LdapLoginModule] attempting to authenticate user: some_test_user
datahub-frontend-react    |             [LdapLoginModule] authentication failed
datahub-frontend-react    |             [LdapLoginModule] aborted authentication

No matter if i will change authIdentity to only {USERNAME} or if i will provide with domain name, or with dc standard. It is not working. Or when i`m trying to provide technical user which will connect by providing

Copy code

java.naming.security.principal=
java.naming.security.credential=

Then the Dummy Module is authenticating everything in such case. When i`m doing on my CLI following ldapsearch, i`m able to get info from LDAP about the specific user

Copy code

ldapsearch -H <ldaps://ldaps.some.server.eu> -x -b dc=some,dc=domain,dc=com '(&(objectClass=person)(uid=some_test_user))'

Any hint what could be wrong ?

134 Views

Open in Slack

Previous Next