Alternative LDAP auth backend for airflow to support openLDAP installation without memberOf overlay
Project description
An alternative LDAP backend for airflow
=======================================
The default LDAP backend works with OpenLDAP if the memberOf overlay is
activated (see http://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance)
I.e., users must present the `memberOf` attribute to know what group they
belong to. If your LDAP server only has groups with `memberUid` (or any
other key like `member`) listing the users belonging to the group, then
you need something different. This is what this module attemps to provide.
Installation
============
Using pip:
```
pip install airflow-alt-ldap
```
Configuration
=============
Activate authentication via this LDAP backend in `airflow.cfg` config:
```
[webserver]
authenticate = True
auth_backend = airflow-alt-ldap.auth.backend.ldap_auth
```
Then you can configure that module using the following keys (example conf to be adapted):
```
uri = ldap://localhost:389
user_basedn = ou=people,dc=nexmo,dc=com
user_filter = uid=*
user_name_attr = uid
group_basedn = ou=groups,dc=nexmo,dc=com
group_member_attr = memberUid
group_filter = cn=*
superuser_filter = cn=admingroup
data_profiler_filter = cn=datagroup
bind_user = uid=binddn,dc=example,dc=com
bind_password = MyAwesomePassword
# cacert = /etc/ca/ldap_ca.crt
# Set search_scope to one of them: BASE, LEVEL , SUBTREE
# Set search_scope to SUBTREE if using Active Directory, and not specifying an Organizational Unit
search_scope = SUBTREE
```
=======================================
The default LDAP backend works with OpenLDAP if the memberOf overlay is
activated (see http://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance)
I.e., users must present the `memberOf` attribute to know what group they
belong to. If your LDAP server only has groups with `memberUid` (or any
other key like `member`) listing the users belonging to the group, then
you need something different. This is what this module attemps to provide.
Installation
============
Using pip:
```
pip install airflow-alt-ldap
```
Configuration
=============
Activate authentication via this LDAP backend in `airflow.cfg` config:
```
[webserver]
authenticate = True
auth_backend = airflow-alt-ldap.auth.backend.ldap_auth
```
Then you can configure that module using the following keys (example conf to be adapted):
```
uri = ldap://localhost:389
user_basedn = ou=people,dc=nexmo,dc=com
user_filter = uid=*
user_name_attr = uid
group_basedn = ou=groups,dc=nexmo,dc=com
group_member_attr = memberUid
group_filter = cn=*
superuser_filter = cn=admingroup
data_profiler_filter = cn=datagroup
bind_user = uid=binddn,dc=example,dc=com
bind_password = MyAwesomePassword
# cacert = /etc/ca/ldap_ca.crt
# Set search_scope to one of them: BASE, LEVEL , SUBTREE
# Set search_scope to SUBTREE if using Active Directory, and not specifying an Organizational Unit
search_scope = SUBTREE
```
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
airflow-alt-ldap-0.0.2.tar.gz
(10.5 kB
view details)
File details
Details for the file airflow-alt-ldap-0.0.2.tar.gz.
File metadata
- Download URL: airflow-alt-ldap-0.0.2.tar.gz
- Upload date:
- Size: 10.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ca602f1f388e9de2e9041c19a4f4c965b980f8260606f1a6789829e69ea5afbf |
|
| MD5 | 33dbb2eb377f05b3308ca187e896e1e7 |
|
| BLAKE2b-256 | ba328bdbe8ab19edfacfe9e79e2737167e6be1fcdfa3dcc3f74c89373877d6d3 |
