You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "Binh Le (JIRA)" <ji...@apache.org> on 2019/05/21 04:13:37 UTC

[jira] [Created] (AIRFLOW-4550) RBAC and LDAP integration

Binh Le created AIRFLOW-4550:
--------------------------------

             Summary: RBAC and LDAP integration
                 Key: AIRFLOW-4550
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-4550
             Project: Apache Airflow
          Issue Type: Improvement
          Components: api, authentication, configuration, DAG, database
            Reporter: Binh Le


Hi,

Could we achieve *RBAC* and *LDAP* authentication at the same time?

I mean that after users are authenticated with *LDAP* server then there's no way to use *RBAC* to classify their roles & permissions for *DAGs* access. The current *super-user filter* and *data-profiler filter* for *LDAP* configuration are not strong enough because *non-super-user* they can even *start*/*stop*/*refresh*/*delete* any *DAGs* in the web UI. When I enable *RBAC=True* then the *auth_db* is used rather than *ldap_auth* backend.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)