mandeeplohan opened a new issue #16402: URL: https://github.com/apache/superset/issues/16402
[ldaplogin.txt](https://github.com/apache/superset/files/7033336/ldaplogin.txt) We are trying to setup ldap login. We configured below in superset_config.py: from flask_appbuilder.security.manager import AUTH_OID, AUTH_REMOTE_USER, AUTH_DB, AUTH_LDAP, AUTH_OAUTH, AUTH_OAUTH from mysecurity import MySecurityManager CUSTOM_SECURITY_MANAGER = MySecurityManager AUTH_TYPE = AUTH_LDAP AUTH_LDAP_USE_TLS = False AUTH_USER_REGISTRATION = True AUTH_LDAP_SERVER = "ldap-server" AUTH_LDAP_SEARCH ="CN=Users,DC=ms,DC=xxx,DC=xxx,DC=com" AUTH_LDAP_UID_FIELD = "sAMAccountName" AUTH_LDAP_EMAIL_FIELD = "@xxx.com" #RECAPTCHA_PUBLIC_KEY = "public" #AUTH_ROLES_MAPPING = { #"cn=fab_users,ou=groupname,dc=ms,dc=com": ["User"], #"cn=fab_admins,ou=groupname,dc=ms,dc=com": ["Admin"] #} #from superset.security import CustomSecurityManager #CUSTOM_SECURITY_MANAGER = CustomSecurityManager # the LDAP user attribute which has their role DNs AUTH_LDAP_GROUP_FIELD = "memberOf" # if we should replace ALL the user's roles each login, or only on registration AUTH_ROLES_SYNC_AT_LOGIN = True # force users to re-auth after 30min of inactivity (to keep roles in sync) #PERMANENT_SESSION_LIFETIME=1800 **********With above config we are not able to login.****** [ldaplogin.txt](https://github.com/apache/superset/files/7033341/ldaplogin.txt) 2. Then we tried to provide a custom pythong script ldaplogin.txt (attached along). With that we are able to authenticate user and get ldap related user details. However there is this below error: superset_app | attribute 'is_active' not found superset_app | Traceback (most recent call last): superset_app | File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1950, in full_dispatch_request superset_app | rv = self.dispatch_request() superset_app | File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1936, in dispatch_request superset_app | return self.view_functions[rule.endpoint](**req.view_args) superset_app | File "/usr/local/lib/python3.7/site-packages/flask_appbuilder/security/views.py", line 520, in login superset_app | login_user(user, remember=False) superset_app | File "/usr/local/lib/python3.7/site-packages/flask_login/utils.py", line 158, in login_user superset_app | if not force and not user.is_active: superset_app | File "/usr/local/lib/python3.7/site-packages/ldap3/abstract/entry.py", line 202, in __getattr__ superset_app | raise LDAPCursorAttributeError(error_message) superset_app | ldap3.core.exceptions.LDAPCursorAttributeError: attribute 'is_active' not found superset_app | 2021-08-23 16:04:08,958:ERROR:superset.views.base:attribute 'is_active' not found superset_app | Traceback (most recent call last): superset_app | File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1950, in full_dispatch_request superset_app | rv = self.dispatch_request() superset_app | File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1936, in dispatch_request superset_app | return self.view_functions[rule.endpoint](**req.view_args) superset_app | File "/usr/local/lib/python3.7/site-packages/flask_appbuilder/security/views.py", line 520, in login superset_app | login_user(user, remember=False) superset_app | File "/usr/local/lib/python3.7/site-packages/flask_login/utils.py", line 158, in login_user superset_app | if not force and not user.is_active: superset_app | File "/usr/local/lib/python3.7/site-packages/ldap3/abstract/entry.py", line 202, in __getattr__ superset_app | raise LDAPCursorAttributeError(error_message) superset_app | ldap3.core.exceptions.LDAPCursorAttributeError: attribute 'is_active' not found superset_app | We are not able to resolve this. Please help -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
