GitHub user dosubot[bot] added a comment to the discussion: How to enable
normal sign in and SSO at same time.
<!-- Answer -->
To enable both normal sign-in and SSO simultaneously in Apache Superset,
allowing users to log in with either SSO or a username and password, you can
implement a custom authentication flow using a custom security manager. Here's
how you can achieve this:
1. Create a custom security manager in your `superset_config_docker.py` file:
```python
from flask import redirect, flash, request
from superset.security import SupersetSecurityManager
from flask_login import login_user
from flask_appbuilder.security.views import AuthDBView
from flask_appbuilder.security.views import expose
class CustomAuthDBView(AuthDBView):
@expose('/login/', methods=['GET', 'POST'])
def login(self):
token = request.args.get('token')
if token == 'SOME_TOKEN_VALUE':
user =
self.appbuilder.sm.find_user(username=request.args.get('username'))
login_user(user)
return redirect(self.appbuilder.get_url_for_index)
else:
return super(CustomAuthDBView,self).login()
class CustomSecurityManager(SupersetSecurityManager):
authdbview = CustomAuthDBView
def __init__(self, appbuilder):
super(CustomSecurityManager, self).__init__(appbuilder)
CUSTOM_SECURITY_MANAGER = CustomSecurityManager
```
2. Users can then authenticate either:
- Via SSO by accessing:
`http://localhost:8088/login/?token=SOME_TOKEN_VALUE&username=admin`
- Via standard login form at `/login` with username and password
This setup allows users to choose between SSO and standard authentication, with
both options available as buttons on the login page. Note that Apache Superset
does not natively support enabling both Google OAuth and email-password
authentication simultaneously using configuration settings like `AUTH_TYPE =
[AUTH_DB, AUTH_OAUTH]`, so a custom security manager is necessary
<sup>[[1]](https://github.com/apache/superset/discussions/32038)</sup>.
<!-- Dosu Comment Footer -->
*To continue talking to [Dosu](https://dosu.dev), mention @dosu.*
---
<sup>Help Dosu learn! Give it feedback: [Great
Response](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=great_response)
| [Irrelevant
Answer](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=irrelevant_answer)
| [Incorrect
Sources](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=incorrect_sources)
| [Too
Verbose](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=too_verbose)
|
[Hallucination](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=hallucination)
| [Bug
Report](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=bug_report)
|
[Other](https://app.dosu.dev/response-feedback/dce1cabf-8b26-4549-9afb-699f7aefe186?feedback_type=other)</sup>
GitHub link:
https://github.com/apache/superset/discussions/32991#discussioncomment-12708534
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
