User story #9786
openLDAP Group based Authorization
Description
User Authentication works very well with using LDAP as a provider.
However, if you want to manage the user roles in combination with LDAP Group, you will need to do nasty things, like generating the rudder-users.xml
according to the groups you have by a cronjob, and restart the whole jetty process in order to re-read the file and allow/disallow user logins on change.
This does influence the node generation and the users working with Rudder, as you might have unexpected loss of your session if the cronjob interval is high enough (which you will probably want, since revoking an user's login permissions need to be propagated pretty fast).
It is not that hard to query if an user belongs to a set (or even nested) groups, and it would ease the authz process a lot.
Updated by Benoît PECCATTE almost 8 years ago
- Category set to Web - Maintenance
- Target version set to 4.2.0~beta1
Updated by Alexis Mousset over 7 years ago
- Target version changed from 4.2.0~beta1 to 4.2.0~beta2
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.2.0~beta2 to 4.2.0~beta3
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.2.0~beta3 to 4.2.0~rc1
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.2.0~rc1 to 4.2.0~rc2
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.2.0~rc2 to 4.2.0
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.2.0 to 4.2.1
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.2.1 to 4.2.2
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.2.2 to 4.2.3
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.2.3 to 4.2.4
Updated by Benoît PECCATTE almost 7 years ago
- Target version changed from 4.2.4 to Ideas (not version specific)
Updated by François ARMAND about 4 years ago
- Project changed from Rudder to Authentication backends
- Category deleted (
Web - Maintenance) - Target version deleted (
Ideas (not version specific))
Updated by Alexis Mousset about 1 year ago
- Target version changed from 7.2 to Ideas