ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oleew...@apache.org
Subject [6/6] ambari git commit: AMBARI-16153. Logsearch: Use Ambari Server as credential server (Dharmesh Makwana via oleewere)
Date Tue, 10 May 2016 09:55:49 GMT
AMBARI-16153. Logsearch: Use Ambari Server as credential server (Dharmesh Makwana via oleewere)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/24b2391e
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/24b2391e
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/24b2391e

Branch: refs/heads/trunk
Commit: 24b2391efab918ae86dce996912772dc9fbd673f
Parents: bdbe7d9
Author: oleewere <oleewere@gmail.com>
Authored: Tue May 10 01:06:47 2016 +0200
Committer: oleewere <oleewere@gmail.com>
Committed: Tue May 10 11:34:51 2016 +0200

----------------------------------------------------------------------
 .../ambari-logsearch-portal/pom.xml             |   8 +-
 .../logsearch/util/ExternalServerClient.java    | 211 +++++++++++++++++++
 ...LogsearchAbstractAuthenticationProvider.java |  42 ++--
 .../LogsearchAuthenticationProvider.java        |   5 +
 ...rchExternalServerAuthenticationProvider.java | 105 +++++++++
 .../LogsearchSimpleAuthenticationProvider.java  |   5 +-
 .../src/main/resources/logsearch.properties     |   5 +-
 7 files changed, 352 insertions(+), 29 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/pom.xml b/ambari-logsearch/ambari-logsearch-portal/pom.xml
index 799e95e..b6dd40f 100755
--- a/ambari-logsearch/ambari-logsearch-portal/pom.xml
+++ b/ambari-logsearch/ambari-logsearch-portal/pom.xml
@@ -33,6 +33,7 @@
     <spring.version>4.2.5.RELEASE</spring.version>
     <spring.security.version>4.0.4.RELEASE</spring.security.version>
     <spring.ldap.version>2.0.4.RELEASE</spring.ldap.version>
+    <jersey.version>1.19</jersey.version>
   </properties>
   <profiles>
     <!-- Dev Profile Start -->
@@ -504,7 +505,7 @@
     <dependency>
       <groupId>com.sun.jersey.contribs</groupId>
       <artifactId>jersey-spring</artifactId>
-      <version>1.19</version>
+      <version>${jersey.version}</version>
       <exclusions>
         <exclusion>
           <groupId>org.springframework</groupId>
@@ -513,6 +514,11 @@
       </exclusions>
     </dependency>
     <dependency>
+    <groupId>com.sun.jersey.contribs</groupId>
+    <artifactId>jersey-apache-client</artifactId>
+    <version>${jersey.version}</version>
+  </dependency>
+    <dependency>
       <groupId>javax.servlet</groupId>
       <artifactId>javax.servlet-api</artifactId>
       <version>3.1.0</version>

http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/ExternalServerClient.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/ExternalServerClient.java
b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/ExternalServerClient.java
new file mode 100644
index 0000000..32e547e
--- /dev/null
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/ExternalServerClient.java
@@ -0,0 +1,211 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ambari.logsearch.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.UnknownHostException;
+import java.util.List;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+import javax.ws.rs.WebApplicationException;
+
+import org.apache.ambari.logsearch.web.security.LogsearchAbstractAuthenticationProvider;
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
+
+import com.sun.jersey.api.client.Client;
+import com.sun.jersey.api.client.ClientHandlerException;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.api.client.UniformInterfaceException;
+import com.sun.jersey.api.client.WebResource;
+import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
+import com.sun.jersey.api.client.filter.LoggingFilter;
+import com.sun.jersey.client.apache.ApacheHttpClient;
+import com.sun.jersey.client.apache.config.DefaultApacheHttpClientConfig;
+import com.sun.jersey.core.util.MultivaluedMapImpl;
+
+/**
+ * Layer to send REST request to External server using jersey client
+ */
+@Component
+public class ExternalServerClient {
+  private static Logger LOG = Logger.getLogger(ExternalServerClient.class);
+  private static final ThreadLocal<Client> localJerseyClient = new ThreadLocal<Client>();
+  private DefaultApacheHttpClientConfig defaultConfig = new DefaultApacheHttpClientConfig();
+  private String hostURL = "http://host:ip";// default
+  private boolean enableLog = false;// default
+
+  @PostConstruct
+  public void initialization() {
+    hostURL = PropertiesUtil.getProperty(
+        LogsearchAbstractAuthenticationProvider.AUTH_METHOD_PROP_START_WITH
+            + "external_auth.host_url", hostURL);
+  }
+
+  private Client getJerseyClient() {
+    Client jerseyClient = localJerseyClient.get();
+    if (jerseyClient == null) {
+      jerseyClient = ApacheHttpClient.create(defaultConfig);
+      localJerseyClient.set(jerseyClient);
+    }
+    return jerseyClient;
+  }
+
+  /**
+   * Send GET Request to  External server
+   * @param url
+   * @param klass
+   * @param queryParam
+   * @param username
+   * @param password
+   * @return Response Object 
+   * @throws UnknownHostException
+   * @throws Exception
+   */
+  @SuppressWarnings({ "unchecked", "rawtypes" })
+  public Object sendGETRequest(String url, Class klass,
+      MultivaluedMapImpl queryParam, String username, String password)
+      throws UnknownHostException, Exception {
+    // add host url
+    url = hostURL + url;
+    String parameters = getQueryParameter(queryParam);
+    LOG.debug("URL: " + url + " query parameters are : " + parameters);
+    WebResource.Builder builder = buildWebResourceBuilder(url, queryParam,
+        username, password);
+    try {
+      return builder.get(klass);
+    } catch (WebApplicationException webApplicationException) {
+      String errMsg = webApplicationExceptionHandler(webApplicationException,
+          url);
+      throw new Exception(errMsg);
+    } catch (UniformInterfaceException uniformInterfaceException) {
+      String errMsg = uniformInterfaceExceptionHandler(
+          uniformInterfaceException, url);
+      throw new Exception(errMsg);
+    } catch (ClientHandlerException clientHandlerException) {
+      String errMsg = clientHandlerExceptionHandler(clientHandlerException, url);
+      throw new Exception(errMsg);
+    } catch (Exception e) {
+      Object response = builder.get(Object.class);
+      String errMsg = "URL: " + url + response.toString();
+      LOG.error(errMsg);
+      throw new Exception(errMsg);
+    } finally {
+      cleanup();
+    }
+  }
+
+  private WebResource.Builder buildWebResourceBuilder(String url,
+      MultivaluedMapImpl queryParam, String username, String password) {
+    WebResource webResource = getJerseyClient().resource(url);
+    // add filter
+    if (enableLog) {
+      webResource.addFilter(new LoggingFilter());
+    }
+    getJerseyClient().addFilter(new HTTPBasicAuthFilter(username, password));
+    // add query param
+    if (queryParam != null) {
+      webResource = webResource.queryParams(queryParam);
+    }
+    WebResource.Builder builder = webResource.getRequestBuilder();
+    return builder;
+  }
+
+  private String webApplicationExceptionHandler(
+      WebApplicationException webApplicationException, String url) {
+    Object object = null;
+    try {
+      object = webApplicationException.getResponse().getEntity();
+    } catch (Exception e) {
+      LOG.error(e.getLocalizedMessage());
+    }
+    String errMsg = null;
+    if (object != null) {
+      errMsg = object.toString();
+    } else {
+      errMsg = webApplicationException.getMessage();
+    }
+    errMsg = "URL: " + url + errMsg;
+    LOG.error(errMsg);
+    return errMsg;
+  }
+
+  private String uniformInterfaceExceptionHandler(
+      UniformInterfaceException uniformInterfaceException, String url) {
+    Object object = null;
+    String errMsg = null;
+    ClientResponse clientResponse = uniformInterfaceException.getResponse();
+    try {
+      object = clientResponse.getEntity(Object.class);
+      if (object != null) {
+        errMsg = object.toString();
+      }
+    } catch (Exception e) {
+      InputStream inputStream = clientResponse.getEntityInputStream();
+      try {
+        errMsg = IOUtils.toString(inputStream);
+      } catch (IOException e1) {
+        LOG.error(e.getLocalizedMessage());
+      }
+    }
+    if (errMsg == null) {
+      errMsg = uniformInterfaceException.getLocalizedMessage();
+    }
+    LOG.error("url :" + url + " Response : " + errMsg);
+    return errMsg;
+  }
+
+  private String clientHandlerExceptionHandler(
+      ClientHandlerException clientHandlerException, String url) {
+    String errMsg = clientHandlerException.getLocalizedMessage();
+    errMsg = "URL: " + url + errMsg;
+    LOG.error(errMsg);
+    return errMsg;
+  }
+
+  private String getQueryParameter(MultivaluedMapImpl queryParam) {
+    StringBuilder builder = new StringBuilder();
+    if (queryParam != null) {
+      builder.append(" Query param :");
+      for (Entry<String, List<String>> entry : queryParam.entrySet()) {
+        String name = entry.getKey();
+        builder.append(" name : " + name + " " + "values : [");
+        List<String> valuesList = entry.getValue();
+        if (valuesList != null) {
+          for (int index = 0; index < valuesList.size(); index++) {
+            String value = valuesList.get(index);
+            if (index > 0) {
+              builder.append(",");
+            }
+            builder.append(value);
+          }
+        }
+        builder.append("]");
+      }
+    }
+    return builder.toString();
+  }
+
+  private void cleanup() {
+    localJerseyClient.remove();
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java
b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java
index 157fdfc..d82bf8e 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java
@@ -24,46 +24,27 @@ import java.util.List;
 import org.apache.ambari.logsearch.util.PropertiesUtil;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
 
 public abstract class LogsearchAbstractAuthenticationProvider implements AuthenticationProvider
{
 
-  private static String AUTH_METHOD_PROP_START_WITH = "logsearch.auth.";
+  public final static String AUTH_METHOD_PROP_START_WITH = "logsearch.auth.";
 
   protected enum AUTH_METHOD {
-    LDAP, FILE, SIMPLE
+    LDAP, FILE, EXTERNAL_AUTH, SIMPLE
   };
 
-
   @Override
   public boolean supports(Class<?> authentication) {
     return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
   }
 
   /**
-   * @param authentication
-   * @return
-   */
-  public Authentication getAuthenticationWithGrantedAuthority(Authentication authentication)
{
-    UsernamePasswordAuthenticationToken result = null;
-    if (authentication != null && authentication.isAuthenticated()) {
-      final List<GrantedAuthority> grantedAuths = getAuthorities(authentication.getName().toString());
-      final UserDetails userDetails = new User(authentication.getName().toString(), authentication
-        .getCredentials().toString(), grantedAuths);
-      result = new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials(),
grantedAuths);
-      result.setDetails(authentication.getDetails());
-      return result;
-    }
-    return authentication;
-  }
-
-  /**
+   * GET Default GrantedAuthority
+   * 
    * @param username
-   * @return
+   * @return List<GrantedAuthority>
    */
   protected List<GrantedAuthority> getAuthorities(String username) {
     final List<GrantedAuthority> grantedAuths = new ArrayList<>();
@@ -71,6 +52,12 @@ public abstract class LogsearchAbstractAuthenticationProvider implements
Authent
     return grantedAuths;
   }
 
+  /**
+   * Check authentication provider is enable or disable for specified method
+   * 
+   * @param method
+   * @return boolean
+   */
   public boolean isEnable(AUTH_METHOD method) {
     String methodName = method.name().toLowerCase();
     String property = AUTH_METHOD_PROP_START_WITH + methodName + ".enable";
@@ -78,8 +65,13 @@ public abstract class LogsearchAbstractAuthenticationProvider implements
Authent
     return isEnable;
   }
 
+  /**
+   * Check authentication provider is enable or disable
+   * 
+   * @return boolean
+   */
   public boolean isEnable() {
-    //default is disabled 
+    // default is disabled
     return false;
   }
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
index f29d08f..e17650a 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
@@ -50,6 +50,9 @@ public class LogsearchAuthenticationProvider extends
 
   @Autowired
   LogsearchSimpleAuthenticationProvider simpleAuthenticationProvider;
+  
+  @Autowired
+  LogsearchExternalServerAuthenticationProvider externalServerAuthenticationProvider;
 
   @Autowired
   JSONUtil jsonUtil;
@@ -133,6 +136,8 @@ public class LogsearchAuthenticationProvider extends
       authentication = fileAuthenticationProvider.authenticate(authentication);
     } else if (authMethod.equals(AUTH_METHOD.SIMPLE)) {
       authentication = simpleAuthenticationProvider.authenticate(authentication);
+    }else if (authMethod.equals(AUTH_METHOD.EXTERNAL_AUTH)) {
+      authentication = externalServerAuthenticationProvider.authenticate(authentication);
     } else {
       logger.error("Invalid authentication method :" + authMethod.name());
     }

http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java
b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java
new file mode 100644
index 0000000..79a414c
--- /dev/null
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java
@@ -0,0 +1,105 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ambari.logsearch.web.security;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.ambari.logsearch.util.ExternalServerClient;
+import org.apache.ambari.logsearch.util.PropertiesUtil;
+import org.apache.ambari.logsearch.util.StringUtil;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.stereotype.Component;
+
+/**
+ * 
+ * Authentication provider to authenticate user from external-server using REST
+ * call
+ */
+@Component
+public class LogsearchExternalServerAuthenticationProvider extends
+    LogsearchAbstractAuthenticationProvider {
+
+  private static Logger LOG = Logger
+      .getLogger(LogsearchExternalServerAuthenticationProvider.class);
+
+  @Autowired
+  ExternalServerClient externalServerClient;
+
+  @Autowired
+  StringUtil stringUtil;
+
+  private String loginAPIURL = "/api/v1/clusters";// default
+
+  @PostConstruct
+  public void initialization() {
+    loginAPIURL = PropertiesUtil.getProperty(AUTH_METHOD_PROP_START_WITH
+        + "external_auth.login_url", loginAPIURL);
+  }
+
+  /**
+   * Authenticating user from external-server using REST call 
+   * @param authentication the authentication request object.
+   * @return a fully authenticated object including credentials.
+   * @throws AuthenticationException if authentication fails.
+   */
+  @Override
+  public Authentication authenticate(Authentication authentication)
+      throws AuthenticationException {
+    if (!this.isEnable()) {
+      LOG.debug("external server auth is disabled.");
+      return authentication;
+    }
+    String username = authentication.getName();
+    String password = (String) authentication.getCredentials();
+    if (stringUtil.isEmpty(username)) {
+      throw new BadCredentialsException("Username can't be null or empty.");
+    }
+    if (stringUtil.isEmpty(password)) {
+      throw new BadCredentialsException("Password can't be null or empty.");
+    }
+    // html unescape
+    password = StringEscapeUtils.unescapeHtml(password);
+    username = StringEscapeUtils.unescapeHtml(username);
+    try {
+      externalServerClient.sendGETRequest(loginAPIURL, String.class, null,
+          username, password);
+    } catch (Exception e) {
+      LOG.error("Login failed for username :" + username + " Error :"+ e.getLocalizedMessage());
+      throw new BadCredentialsException("Bad credentials");
+    }
+    authentication = new UsernamePasswordAuthenticationToken(username,
+        password, getAuthorities(username));
+    return authentication;
+  }
+
+  /**
+   * Return true/false based on EXTERNAL_AUTH authentication method is enabled/disabled
+   * return boolean
+   */
+  @Override
+  public boolean isEnable() {
+    return isEnable(AUTH_METHOD.EXTERNAL_AUTH);
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java
b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java
index 4dfc30a..7e0546e 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java
@@ -59,9 +59,10 @@ public class LogsearchSimpleAuthenticationProvider extends LogsearchAbstractAuth
   public boolean isEnable(AUTH_METHOD method) {
     boolean ldapEnabled = super.isEnable(AUTH_METHOD.LDAP);
     boolean fileEnabled = super.isEnable(AUTH_METHOD.FILE);
+    boolean externalAuthEnabled = super.isEnable(AUTH_METHOD.EXTERNAL_AUTH);
     boolean simpleEnabled = super.isEnable(method);
-    if (!ldapEnabled && !fileEnabled && simpleEnabled) {
-      // simple is enabled only when rest two are disabled and simple is enable
+    if (!ldapEnabled && !fileEnabled && simpleEnabled && !externalAuthEnabled)
{
+      // simple is enabled only when rest three are disabled and simple is enable
       return true;
     } else {
       return false;

http://git-wip-us.apache.org/repos/asf/ambari/blob/24b2391e/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch.properties
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch.properties
b/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch.properties
index b5b0b23..315d736 100755
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch.properties
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch.properties
@@ -38,7 +38,10 @@ solr.audit_logs.replication_factor=1
 logfeeder.include.default.level=fatal,error,warn
 
 #Authentication settings
-#Note: Simple will be supported only if both file and ldap is disabled.
+#Note: Simple will be supported only if file ,ldap and external_auth all three are disabled.
 logsearch.auth.file.enable=true
 logsearch.auth.ldap.enable=false
 logsearch.auth.simple.enable=false
+logsearch.auth.external_auth.enable=false
+logsearch.auth.external_auth.host_url=http://ip:port
+logsearch.auth.external_auth.login_url=/api/v1/clusters


Mime
View raw message