Reading through the documentation of Knox it looks like there is support for LDAP Authentication out of the box. Is there the capability to connect knox to any type of user/password store?
For demo purposes, you can use capability of Shiro to embed users directly within its configuration (in our case knox-topology file). This approach is largely taken to “shake out” the process of editing topology files for various purposes. At the same time it minimizes external dependencies to help ensure a successful starting point.
Your knox-topology would look like this:
<topology> <gateway> <provider> <role>authentication</role> <name>ShiroProvider</name> <enabled>true</enabled> <param name="users.admin" value="admin-secret"/> <param name="urls./**" value="authcBasic"/> </provider> </gateway> <service> <role>KNOX</role> </service> </topology>
Testing the topology through KNOX API with the embeded admin user.
curl -u admin:admin-secret -ik 'https://localhost:8443/gateway/sample1/api/v1/version'
Obviously not a replacement to integrating with LDAP but good way to test and start manipulating your topology file.