Project

General

Profile

Actions

User story #9786

open

LDAP Group based Authorization

Added by Janos Mattyasovszky about 8 years ago. Updated about 1 year ago.

Status:
New
Priority:
N/A
Assignee:
-
Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

User Authentication works very well with using LDAP as a provider.

However, if you want to manage the user roles in combination with LDAP Group, you will need to do nasty things, like generating the rudder-users.xml according to the groups you have by a cronjob, and restart the whole jetty process in order to re-read the file and allow/disallow user logins on change.

This does influence the node generation and the users working with Rudder, as you might have unexpected loss of your session if the cronjob interval is high enough (which you will probably want, since revoking an user's login permissions need to be propagated pretty fast).

It is not that hard to query if an user belongs to a set (or even nested) groups, and it would ease the authz process a lot.

Actions #1

Updated by Benoît PECCATTE almost 8 years ago

  • Category set to Web - Maintenance
  • Target version set to 4.2.0~beta1
Actions #2

Updated by Alexis Mousset over 7 years ago

  • Target version changed from 4.2.0~beta1 to 4.2.0~beta2
Actions #3

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 4.2.0~beta2 to 4.2.0~beta3
Actions #4

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 4.2.0~beta3 to 4.2.0~rc1
Actions #5

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 4.2.0~rc1 to 4.2.0~rc2
Actions #6

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 4.2.0~rc2 to 4.2.0
Actions #7

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 4.2.0 to 4.2.1
Actions #8

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 4.2.1 to 4.2.2
Actions #9

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 4.2.2 to 4.2.3
Actions #10

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 4.2.3 to 4.2.4
Actions #11

Updated by Benoît PECCATTE almost 7 years ago

  • Target version changed from 4.2.4 to Ideas (not version specific)
Actions #12

Updated by François ARMAND about 4 years ago

  • Project changed from Rudder to Authentication backends
  • Category deleted (Web - Maintenance)
  • Target version deleted (Ideas (not version specific))
Actions #13

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version set to 7.2
Actions #14

Updated by Alexis Mousset about 1 year ago

  • Target version changed from 7.2 to Ideas
Actions

Also available in: Atom PDF