[I] Issue with AUTH_ROLES_MAPPING in Superset LDAP Authentication [superset]

[via GitHub]

amoi-amoi opened a new issue, #32165:
URL: https://github.com/apache/superset/issues/32165

   ### Bug description
   
   Hello everyone,
   
   I'm having trouble configuring AUTH_ROLES_MAPPING in Superset. I can 
successfully log in using my LDAP server credentials, but the user roles are 
not being mapped correctly.
   
   If AUTH_USER_REGISTRATION_ROLE is set, all users are assigned that role, 
regardless of AUTH_ROLES_MAPPING.
   If AUTH_USER_REGISTRATION_ROLE is not set, all users are assigned the public 
role.
   It seems that AUTH_ROLES_MAPPING is not working as expected.
   
   Here’s a summary of my setup:
   
   Authentication works: Users can log in with LDAP credentials.
   Role mapping does not work: Users are not assigned roles based on their LDAP 
groups.
   This is the configuration I’m using for AUTH_ROLES_MAPPING:
   
   AUTH_ROLES_MAPPING = {
      "cn=superset_admin,ou=People,dc=my-domain,dc=com": ["Admin"],
      "cn=superset_external,ou=People,dc=my-domain,dc=com": ["Alpha"],
      "cn=superset_readonly,ou=People,dc=my-domain,dc=com": ["Admin"],
      "cn=superset_sqllab,ou=People,dc=my-domain,dc=com": ["Alpha"]
    }
   
   I have also set the following parameter:
   
    AUTH_LDAP_GROUP_FIELD = "memberUid"
   
   I configured it as memberUid because, as shown in the attached screenshot, 
the user attribute appears to be memberUid instead of memberOf.
   
   To provide more context, I’ve attached screenshots of both the user 
configuration and the group configuration from the LDAP server.
   
   
   Has anyone encountered this issue before? Am I missing something in my 
configuration? Any help would be greatly appreciated!
   
   Thanks in advance!
   
   
   
   ### Screenshots/recordings
   
   
![Image](https://github.com/user-attachments/assets/670e2a38-fb94-4edb-86eb-bf28dc8bb96c)
   
   
![Image](https://github.com/user-attachments/assets/009ee018-3e56-4c44-bb65-be3c0459f4fa)
   
   ### Superset version
   
   4.1.1
   
   ### Python version
   
   Not applicable
   
   ### Node version
   
   I don't know
   
   ### Browser
   
   Not applicable
   
   ### Additional context
   
   I am running Superset on a Linux virtual machine
   
   ### Checklist
   
   - [x] I have searched Superset docs and Slack and didn't find a solution to 
my problem.
   - [x] I have searched the GitHub issue tracker and didn't find a similar bug 
report.
   - [ ] I have checked Superset's logs for errors and if I found a relevant 
Python stacktrace, I included it here as text in the "additional context" 
section.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org