mohammadjkhan commented on issue #9303: ERROR [qtp1604271704-130] org.apache.druid.security.basic.authentication.validator.LDAPCredentialsValidator - Exception during user lookup URL: https://github.com/apache/druid/issues/9303#issuecomment-582607552 looks like you need to update your escalator credentials with an account that actually exists in your ldap. druid_system is metadata user Try this... druid.auth.authenticatorChain=["ldap"] -Ddruid.auth.basic.ssl.trustStorePath= -Ddruid.auth.basic.ssl.protocol=JKS -Ddruid.auth.basic.ssl.trustStorePassword= -Ddruid.auth.basic.ssl.trustStoreType= (you might be fine not having to include any of the below key store config properties) -Ddruid.auth.basic.ssl.keyStorePath= -Ddruid.auth.basic.ssl.keyStoreType=JKS -Ddruid.auth.basic.ssl.certAlias= -Ddruid.auth.basic.ssl.keyStorePassword= -Ddruid.auth.basic.ssl.keyManagerPassword= druid.auth.authenticator.ldap.type=basic (for ldap, enableCacheNotifications is not needed since ldap doesn't have any notification scheme. This property is primarily used for metadata credential validator configuration) druid.auth.authenticator.ldap.enableCacheNotifications=true druid.auth.authenticator.ldap.credentialsValidator.type=ldap druid.auth.authenticator.ldap.credentialsValidator.url=: druid.auth.authenticator.ldap.credentialsValidator.bindUser= druid.auth.authenticator.ldap.credentialsValidator.bindPassword= druid.auth.authenticator.ldap.credentialsValidator.baseDn= druid.auth.authenticator.ldap.credentialsValidator.userSearch= druid.auth.authenticator.ldap.credentialsValidator.userAttribute=sAMAccountName druid.auth.authenticator.ldap.authorizerName=ldapauth druid.escalator.type=basic druid.escalator.internalClientUsername=ldap user id druid.escalator.internalClientPassword=ldap user password druid.escalator.authorizerName=ldapauth druid.auth.authorizers=["ldapauth"] druid.auth.authorizer.ldapauth.type=basic druid.auth.authorizer.ldapauth.initialAdminUser=ldap user id you specified in internalClientUsername druid.auth.authorizer.ldapauth.initialAdminRole=admin druid.auth.authorizer.ldapauth.roleProvider.type=ldap
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
