ajgil commented on issue #5526: How to Use Remote user Authentication URL: https://github.com/apache/incubator-superset/issues/5526#issuecomment-409183146 Hi @Harish346 yesterday wrote on this closed [issue](https://github.com/apache/incubator-superset/issues/3312) Followed @mistercrunch post and implemented code override superset security Code on config.py ```python from superset.security import SupersetSecurityManager class AppAuthRemoteUserView(AuthRemoteUserView): def add_role_if_missing(self, sm, user_id, role_name): found_role = sm.find_role(role_name) session = sm.get_session user = session.query(sm.user_model).get(user_id) if found_role and found_role not in user.roles: user.roles += [found_role] session.commit() @expose('/login/') def login(self): # Flushing flash message "Access is denied" if web_session and '_flashes' in web_session: web_session.pop('_flashes') from flask import g if g and g.user is not None and g.user.is_authenticated(): return redirect(self.redirect_url()) sm = self.appbuilder.sm error_msg = None if any([ k not in request.headers for k in ['X-LDAP-Username', 'X-LDAP-Groups']]): raise username = request.headers.get('X-LDAP-Username') groups = request.headers.get('X-LDAP-Groups', '').lower().split(',') session = sm.get_session user = session.query(sm.user_model).filter_by(username=username).first() if user and not user.is_active(): return ( "Your account is not activated, " "ask an admin to check the 'Is Active?' box in your " "user profile") if any([gr in ACCEPTED_ROLES for gr in groups]): role = sm.find_role('alpha') else: role = sm.find_role('gamma') if user is None and username: user = sm.add_user( username=username, first_name=username, last_name='', email="{}@app.site".format(username), role=role) msg = ("Welcome to my App, {}".format(username)) flash(as_unicode(msg), 'info') user = sm.auth_user_remote_user(username) elif role not in user.roles: user = session.query(sm.user_model).get(user.id) user.roles += [role] session.commit() self.add_role_if_missing(sm, user.id, 'Public') self.add_role_if_missing(sm, user.id, 'sql_lab') login_user(user) return redirect(self.redirect_url()) # Override class CustomSecurityManager(SupersetSecurityManager): authremoteuserview = AppAuthRemoteUserView AUTH_TYPE = AUTH_REMOTE_USER AUTH_USER_REGISTRATION_ROLE = 'alpha' CUSTOM_SECURITY_MANAGER = CustomSecurityManager ``` Then running Superset and got this error ```sh superset runserver -d Traceback (most recent call last): File "/usr/bin/superset", line 12, in <module> from superset.cli import manager File "/usr/lib/python3.6/site-packages/superset/__init__.py", line 22, in <module> from superset import config, utils File "/usr/lib/python3.6/site-packages/superset/config.py", line 469, in <module> class AppAuthRemoteUserView(AuthRemoteUserView): File "/usr/lib/python3.6/site-packages/superset/config.py", line 479, in AppAuthRemoteUserView @expose('/login/') NameError: name 'expose' is not defined ``` Then comented expose decorator and got trace ```sh File "/usr/lib/python3.6/site-packages/superset/views/core.py", line 2656, in welcome return redirect(appbuilder.get_url_for_login) File "/usr/lib64/python3.6/site-packages/flask_appbuilder/base.py", line 449, in get_url_for_login return url_for('%s.%s' % (self.sm.auth_view.endpoint, 'login')) File "/usr/lib64/python3.6/site-packages/flask/helpers.py", line 333, in url_for return appctx.app.handle_url_build_error(error, endpoint, values) File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1805, in handle_url_build_error reraise(exc_type, exc_value, tb) File "/usr/lib64/python3.6/site-packages/flask/_compat.py", line 33, in reraise raise value File "/usr/lib64/python3.6/site-packages/flask/helpers.py", line 323, in url_for force_external=external) File "/usr/lib/python3.6/site-packages/werkzeug/routing.py", line 1776, in build raise BuildError(endpoint, values, method, self) werkzeug.routing.BuildError: Could not build url for endpoint 'AppAuthRemoteUserView.login'. Did you mean 'AppAuthRemoteUserView.logout' instead? 2018-07-30 16:56:26,149:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET / HTTP/1.1" 302 - 2018-07-30 16:56:26,256:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome HTTP/1.1" 500 - Traceback (most recent call last): File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1997, in __call__ return self.wsgi_app(environ, start_response) File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1985, in wsgi_app response = self.handle_exception(e) File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1540, in handle_exception reraise(exc_type, exc_value, tb) File "/usr/lib64/python3.6/site-packages/flask/_compat.py", line 33, in reraise raise value File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1982, in wsgi_app response = self.full_dispatch_request() File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1614, in full_dispatch_request rv = self.handle_user_exception(e) File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1517, in handle_user_exception reraise(exc_type, exc_value, tb) File "/usr/lib64/python3.6/site-packages/flask/_compat.py", line 33, in reraise raise value File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1612, in full_dispatch_request rv = self.dispatch_request() File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1598, in dispatch_request return self.view_functions[rule.endpoint](**req.view_args) File "/usr/lib/python3.6/site-packages/superset/views/core.py", line 2656, in welcome return redirect(appbuilder.get_url_for_login) File "/usr/lib64/python3.6/site-packages/flask_appbuilder/base.py", line 449, in get_url_for_login return url_for('%s.%s' % (self.sm.auth_view.endpoint, 'login')) File "/usr/lib64/python3.6/site-packages/flask/helpers.py", line 333, in url_for return appctx.app.handle_url_build_error(error, endpoint, values) File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1805, in handle_url_build_error reraise(exc_type, exc_value, tb) File "/usr/lib64/python3.6/site-packages/flask/_compat.py", line 33, in reraise raise value File "/usr/lib64/python3.6/site-packages/flask/helpers.py", line 323, in url_for force_external=external) File "/usr/lib/python3.6/site-packages/werkzeug/routing.py", line 1776, in build raise BuildError(endpoint, values, method, self) werkzeug.routing.BuildError: Could not build url for endpoint 'AppAuthRemoteUserView.login'. Did you mean 'AppAuthRemoteUserView.logout' instead? 2018-07-30 16:56:26,324:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome?__debugger__=yes&cmd=resource&f=style.css HTTP/1.1" 200 - 2018-07-30 16:56:26,325:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome?__debugger__=yes&cmd=resource&f=jquery.js HTTP/1.1" 200 - 2018-07-30 16:56:26,331:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome?__debugger__=yes&cmd=resource&f=debugger.js HTTP/1.1" 200 - 2018-07-30 16:56:26,394:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome?__debugger__=yes&cmd=resource&f=ubuntu.ttf HTTP/1.1" 200 - 2018-07-30 16:56:26,471:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 200 - 2018-07-30 16:56:26,509:INFO:werkzeug:10.168.24.69 - - [30/Jul/2018 16:56:26] "GET /superset/welcome?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 200 - ```
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
