ashb commented on pull request #18670: URL: https://github.com/apache/airflow/pull/18670#issuecomment-933301540
> But i believe not everyone in their corporate organisation has influence on how groups are defined in LDAP and being able to manually control who has access to Airflow with what role without having to create and configure LDAPl groups for authorisation while still authenticating using LDAP seems like very valid case (at least that what came out of our discussion with @dstandish and the user above). I would say this should be opt-in, rather than by default with ldap, as I've been in plenty of places where being to create a user manually when using LDAP is viewed as a security risk (cos then the user is not managed centrally. So I'd almost say that this should be a new auth type, of `LDAP_AND_DB`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
