[jira] [Commented] (AIRFLOW-3270) Apache airflow 1.10.0 integration with LDAP anonmyously

Mon, 05 Nov 2018 03:22:12 -0800 


    [ 
https://issues.apache.org/jira/browse/AIRFLOW-3270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16674992#comment-16674992
 ] 

Hari Krishna ADDEPALLI LN commented on AIRFLOW-3270:
----------------------------------------------------

After assigning the value to the group_member_attr, it is still failing :

*[2018-11-05 11:20:01,700] \{{ldap_auth.py:303}} INFO - User user1234 
successfully authenticated*

[2018-11-05 11:20:02,098] ERROR in app: Exception on /admin/airflow/login [POST]

Traceback (most recent call last):

  File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1982, in 
wsgi_app

    response = self.full_dispatch_request()

  File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1614, in 
full_dispatch_request

    rv = self.handle_user_exception(e)

  File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1517, in 
handle_user_exception

    reraise(exc_type, exc_value, tb)

  File "/usr/local/lib/python3.5/site-packages/flask/_compat.py", line 33, in 
reraise

    raise value

  File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1612, in 
full_dispatch_request

    rv = self.dispatch_request()

  File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1598, in 
dispatch_request

    return self.view_functions[rule.endpoint](**req.view_args)

  File "/usr/local/lib/python3.5/site-packages/flask_admin/base.py", line 69, 
in inner

    return self._run_view(f, *args, **kwargs)

  File "/usr/local/lib/python3.5/site-packages/flask_admin/base.py", line 368, 
in _run_view

    return fn(self, *args, **kwargs)

  File "/usr/local/lib/python3.5/site-packages/airflow/www/views.py", line 735, 
in login

    return airflow.login.login(self, request)

  File "/usr/local/lib/python3.5/site-packages/airflow/utils/db.py", line 74, 
in wrapper

    return func(*args, **kwargs)

  File 
"/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py",
 line 316, in login

    flask_login.login_user(LdapUser(user))

  File "<string>", line 4, in __init__

  File "/usr/local/lib/python3.5/site-packages/sqlalchemy/orm/state.py", line 
414, in _initialize_instance

    manager.dispatch.init_failure(self, args, kwargs)

  File "/usr/local/lib/python3.5/site-packages/sqlalchemy/util/langhelpers.py", 
line 66, in __exit__

    compat.reraise(exc_type, exc_value, exc_tb)

  File "/usr/local/lib/python3.5/site-packages/sqlalchemy/util/compat.py", line 
187, in reraise

    raise value

  File "/usr/local/lib/python3.5/site-packages/sqlalchemy/orm/state.py", line 
411, in _initialize_instance

    return manager.original_init(*mixed[1:], **kwargs)

  File 
"/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py",
 line 185, in __init__

    user.username

  File 
"/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py",
 line 106, in groups_user

    attributes=[native(memberof_attr)])

  *File "/usr/local/lib/python3.5/site-packages/ldap3/core/connection.py", line 
765, in search*

    *raise LDAPAttributeError('invalid attribute type ' + 
attribute_name_to_check)*

*ldap3.core.exceptions.LDAPAttributeError: invalid attribute type 
memberOf=cn=rvs-login-mc_usphx,ou=groups,dc=odc,dc=im*

127.0.0.1 - - [05/Nov/2018:11:20:02 +0000] "POST /admin/airflow/login HTTP/1.1" 
500 4583 "http://localhost:8080/admin/airflow/login?next=%2Fadmin%2F"; 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, 
like Gecko) Chrome/70.0.3538.77 Safari/537.36"

 

> Apache airflow 1.10.0 integration with LDAP anonmyously
> -------------------------------------------------------
>
>                 Key: AIRFLOW-3270
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-3270
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: authentication
>    Affects Versions: 1.10.0
>            Reporter: Hari Krishna ADDEPALLI LN
>            Priority: Blocker
>
> Please advise what to include in airflow.cfg when going to integrate with 
> LDAP anonymously ? We are using DS389 as LDAP server vendor name. 
>  
> {noformat}
> [webserver] 
> authenticate = True 
> auth_backend = airflow.contrib.auth.backends.ldap_auth  
> {noformat}
>  
> And 
>  
> {noformat}
> [ldap] 
> uri = ldap://nsp-daf178e8.ad1.prd.us-phx.odc.im:389 
> user_filter = memberOf=cn=rvs-all-prd_usphx,ou=groups,dc=odc,dc=im
> user_name_attr = uid 
> group_member_attr =
> superuser_filter = memberOf=cn=rvd-sudo_all-prd_usphx,ou=groups,dc=odc,dc=im 
> data_profiler_filter = 
> bind_user = 
> bind_password = 
> basedn = ou=people,dc=odc,dc=im 
> cacert = /opt/orchestration/airflow/ldap_ca.crt 
> search_scope = LEVEL
> {noformat}
> I am hitting below exception:
> {noformat}
>   File "/usr/local/lib/python3.5/site-packages/ldap3/operation/search.py", 
> line 215, in parse_filter     
> raise LDAPInvalidFilterError('malformed filter') 
> ldap3.core.exceptions.LDAPInvalidFilterError: malformed filter
> {noformat}
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to