database/doris
2
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
4ac38ca67adce44ba2e8a574d052dcd6ea342a11
doris/conf/ldap.conf
luozenglin b619bb2000 [enhancement](ldap) optimize LDAP authentication. (#11948) 
* [enhancement](ldap) optimize LDAP authentication.

1. Support caching LDAP user information.
2. HTTP authentication supports LDAP.
3. LDAP temporary users support default user property.
4. LDAP configuration supports the `admin show config` and `admin set config` commands.
2022-08-24 17:08:14 +08:00

57 lines
2.4 KiB
Plaintext
Raw Blame History

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#####################################################################
## To see all LDAP configurations,
## see fe/src/org/apache/doris/common/LdapConfig.java
#####################################################################
# LDAP server configuration
# If you want to enable LDAP authentication, you should:
## step1: Configure the following parameters:
# ldap_authentication_enabled - Flag to enable LDAP authentication. Specify 'true' to enable ldap authentication.
# ldap_host - LDAP server ip.
# ldap_port - LDAP server port.
# ldap_admin_name - The DN to bind as connection, this admin DN will be used to lookup information about other users.
# ldap_user_basedn - Search base for users.
# ldap_user_filter - User lookup filter, the placeholder {login} will be replaced by the user supplied login.
# ldap_group_basedn - Search base for groups.
## step2: Restart fe, and use root or admin account to log in to doris.
## step3: Execute sql statement to set ldap admin password:
# set ldap_admin_password = 'password';
ldap_authentication_enabled = false
ldap_host = 127.0.0.1
ldap_port = 389
ldap_admin_name = cn=admin,dc=domain,dc=com
ldap_user_basedn = ou=people,dc=domain,dc=com
ldap_user_filter = (&(uid={login}))
ldap_group_basedn = ou=group,dc=domain,dc=com
# ldap_cache_time_out_s = 12 * 60 * 60;
# LDAP pool configuration
# https://docs.spring.io/spring-ldap/docs/2.3.3.RELEASE/reference/#pool-configuration
# ldap_pool_max_active = 8
# ldap_pool_max_total = -1
# ldap_pool_max_idle = 8
# ldap_pool_min_idle = 0
# ldap_pool_max_wait = -1
# ldap_pool_when_exhausted = 1
# ldap_pool_test_on_borrow = false
# ldap_pool_test_on_return = false
# ldap_pool_test_while_idle = false
Reference in New Issue View Git Blame Copy Permalink