potiuk commented on pull request #18670: URL: https://github.com/apache/airflow/pull/18670#issuecomment-933019561
Actually I am not sure if this is good approach - see the discussion we had with the user and @dstandish in https://github.com/apache/airflow/discussions/18290, which resulted in opening https://github.com/apache/airflow/issues/18545 Seems that this is perfectly valid case for the users, who are using external authentication (LDAP for example) but rather than relying on synchronizing the users from the auth source (for example using LDAP groups) they prefer to manually add to the Airflow DB only those users that should have access to Airflow. It means that while authentication comes from LDAP, the authorization is based on Airlow DB. Since for every externally authenticated user, there must be a DB entry in Airflow, this works and behaves as expected. I personally think it is perfectly valid case and we should support it. (hence I turned the discssion back into the issue) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
