You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@druid.apache.org by GitBox <gi...@apache.org> on 2019/03/29 00:48:36 UTC

[GitHub] [incubator-druid] jon-wei edited a comment on issue #6972: Support LDAP authentication/authorization

jon-wei edited a comment on issue #6972: Support LDAP authentication/authorization
URL: https://github.com/apache/incubator-druid/pull/6972#issuecomment-477778052
 
 
   @mohammadjkhan @nishantmonu51 
   
   Given that the metadata store-backed and LDAP implementations have such different configurations, I would structure this as follows:
   - Create an abstract `PasswordBasedAuthenticator`, and override the credentials validation in separate `BasicHTTPAuthenticator` and `LDAPAuthenticator` classes
   - Create an abstract `RoleBasedAuthorizer`, and override the rolemap calculation in separate classes for metadata-backed and LDAP-backed authorizer (The PR currently preferentially checks the metadata-backed store and then LDAP, I think these should be separate since the incoming request would be authenticated against only one or the other)

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org