Created 10-05-2016 10:46 AM
Any pointers or tutorial will be a great help!!
<provider>
    <role>authentication</role>
    <name>ShiroProvider</name>
    <enabled>true</enabled>
    <param>
        <name>main.ldapRealm</name>
        <value>org.apache.shiro.realm.ldap.JndiLdapRealm</value>
    </param>
    <param>
        <name>main.ldapRealm.userDnTemplate</name>
        <value>uid={0},ou=hadoopdev,dc=my-ldap,dc=com</value>
    </param>
    <param>
        <name>main.ldapRealm.contextFactory.url</name>
        <value>ldap://192.XX.XX.XX:389</value>
    </param>
    <param>
        <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
        <value>simple</value>
    </param>
    <param>
        <name>urls./**</name>
        <value>$auth_type</value>
    </param>
    <param>
        <name>sessionTimeout</name>
        <value>$minutes</value>
    </param>
</provider>
Created 10-06-2016 03:26 PM
It's working now, as my 389 port was blocked on my VM having LDAP running. Thanks!!
Created 10-05-2016 11:21 AM
Apache Knox uses Shiro for LDAP authentication. You can put the details of your LDAP server and port in the topology file. Knox will use the LDAP server IP address and port to communicate. If you are using OpenLDAP to authenticate, you can safely stop the Demo LDAP service in Knox. Yes, you need to install the openldap, openldap-clients, and openldap-servers packages.
Created 10-05-2016 11:24 AM
1. Knox gateway will check for the respective topology file which has the LDAP settings configured [if you have integrated Knox with LDAP].
2. For demo LDAP, you can use the "ps -aef |grep ldap" command to check which jar is being picked up.
3. You will need to have the OpenLDAP clients on all nodes to make sure the user exists on all nodes.
The link below has more details: http://knox.apache.org/books/knox-0-8-0/user-guide.html#Introduction
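The answers above say Knox connects to whatever LDAP address the topology file names, and the thread's fix turned out to be a blocked port 389. As an added example (not code from the posters or the Knox project), this Python script reads the ShiroProvider block of a topology, extracts `main.ldapRealm.contextFactory.url` and tests TCP reachability from the gateway host; the sample topology, its host name and all function names are assumptions.

```python
import socket
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample shaped like the provider posted in this thread;
# the host name is a placeholder, not a value from the page.
SAMPLE_TOPOLOGY = """<topology><gateway><provider>
  <role>authentication</role><name>ShiroProvider</name><enabled>true</enabled>
  <param><name>main.ldapRealm.contextFactory.url</name>
         <value>ldap://ldap.example.com:389</value></param>
  <param><name>main.ldapRealm.contextFactory.authenticationMechanism</name>
         <value>simple</value></param>
</provider></gateway></topology>"""

def shiro_params(topology_xml):
    """Return the ShiroProvider <param> name/value pairs as a dict."""
    root = ET.fromstring(topology_xml)
    for provider in root.iter("provider"):
        if provider.findtext("name", "").strip() == "ShiroProvider":
            return {p.findtext("name", "").strip(): p.findtext("value", "").strip()
                    for p in provider.findall("param")}
    raise ValueError("no ShiroProvider block in topology")

def ldap_endpoint(params):
    """Split contextFactory.url into (scheme, host, port) with LDAP defaults."""
    url = urlparse(params["main.ldapRealm.contextFactory.url"])
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        raise ValueError("not an ldap:// or ldaps:// URL")
    return url.scheme, url.hostname, url.port or (636 if url.scheme == "ldaps" else 389)

def port_open(host, port, timeout=3.0):
    """True if a TCP connect succeeds; False if filtered, refused or unresolvable."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def check(topology_xml):
    """Report the LDAP endpoint Knox would use and whether it is reachable."""
    params = shiro_params(topology_xml)
    scheme, host, port = ldap_endpoint(params)
    mech = params.get("main.ldapRealm.contextFactory.authenticationMechanism")
    return {"host": host, "port": port, "reachable": port_open(host, port),
            # simple bind over plain ldap:// (no StartTLS) sends the password unencrypted
            "cleartext_bind": scheme == "ldap" and mech == "simple"}

if __name__ == "__main__":
    print(check(SAMPLE_TOPOLOGY))
```

Run it on the Knox gateway host against the real topology file contents; `reachable: False` points at a firewall or listener problem like the one reported in this thread before any Shiro setting is worth debugging.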