airflow-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lewis John McGibbney <lewi...@apache.org>
Subject Re: Use WebUI username and password in webserver_config.py for LDAP authentication
Date Tue, 23 Feb 2021 21:53:46 GMT
Hi Folks,
Has anyone been able to successfully pass the username and password to webserver_config.py
for LDAP authentication?
I'm struggling to figure this one out... surely someone else has solved this issue and has
Airflow running with LDAP authentication...?
Thank you
lewismc

On 2021/02/19 17:21:30, Lewis John McGibbney <lewismc@apache.org> wrote: 
> Hi users@,
> 
> #########
> # Context #
> #########
> With the following webserver_config.py code, when I provide the environment variables
$USERNAME and $PASSWORD, from the WebUI I can authenticate and login to Airflow just fine.
> 
> import os
> from flask_appbuilder.security.manager import AUTH_LDAP
> 
> basedir = os.path.abspath(os.path.dirname(__file__))
> username = os.environ['USERNAME']
> password = os.environ['PASSWORD']
> 
> # Flask-WTF flag for CSRF
> WTF_CSRF_ENABLED = True
> AUTH_TYPE = AUTH_LDAP
> AUTH_ROLE_ADMIN = "Admin"
> AUTH_USER_REGISTRATION = True
> AUTH_USER_REGISTRATION_ROLE = "Admin"
> AUTH_LDAP_SERVER = "ldaps://ldap....:636"
> AUTH_LDAP_SEARCH = "ou=personnel,dc=dir,dc=a,dc=b,dc=c"
> AUTH_LDAP_BIND_USER = "uid={},ou=personnel,dc=dir,dc=a,dc=b,dc=c".format(username)
> AUTH_LDAP_BIND_PASSWORD = password
> AUTH_LDAP_UID_FIELD = "uid"
> AUTH_LDAP_USE_TLS = False
> AUTH_LDAP_ALLOW_SELF_SIGNED = False
> 
> ##########
> # Problem #
> ##########
> This is not appropriate if I want all of my other colleagues to login to the Airflow
WebUI via LDAP.
> 
> ##########
> # Question #
> ##########
> 
> How do I use the username and password (submitted by the user into the WebUI form) as
a variable within the webserver_config.py?
> 
> I will provide a pull request for this as the documentation is lacking. I would like
to make it clearer.
> Thank you in advance for any knowledge sharing.
> 
> Thanks in advance,
> lewismc
> 

Mime
View raw message