himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-614823335
glad that it worked out, thanks for testing.
This is an
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-613603074
@soumyajose0784 did you enable pac4j auth on non-router nodes as well? One
option would be to not have pac4j auth on non-router
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-613098691
@averma111 @soumyajose0784 can you please get the commit from
https://github.com/apache/druid/pull/9695 to your build and try ?
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-613063279
@soumyajose0784 @averma111 thanks for trying. sorry to hear that, I am
looking into it. unfortunately, I have access to 2 okta
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-610660405
pac4j asks for `scope=openid+profile+email` so I guess that would mean
all of above.
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-610626878
yes in the auth server side you would need to add something like
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-610236177
@averma111 @soumyajose0784 can you add the commit from
https://github.com/apache/druid/pull/9637/files in your build then you
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-610005065
@averma111 can you remove the kerberos authenticator and let us try to make
this auth working first , then we could add
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-609984520
@soumyajose0784 @averma111 also please add this commit (
https://github.com/apache/druid/pull/9627 ) to your 0.18.0 custom
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-609974654
> Do we need to pass the above java param to all the run time properties
file or any specific node.
they wouldn't go in
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-609951261
@soumyajose0784 as a workaround, can you try adding following properties
in jvm args of Druid process ...
```
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-609592760
@soumyajose0784 that sounds like that the ssl cert returned from server
configured in `druid.auth.pac4j.oidc.discoveryURI`
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-609110308
@averma111 on druid side, runtime properties would have something like
below...
```
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-603393558
@jon-wei thanks for the review. Also, I have been researching a bit to see
if there is a programmatic way to do the
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-602773533
@jihoonson thanks for reviewing
This is an automated message
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-601954311
@jon-wei ok, that arrangement could be made to work. However, In that case
test "must be" optional because it wouldn't
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-601934582
@jon-wei can you please review/approve this?
This is an
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-591140122
@jon-wei thanks for looking. Yes, I do intend to maintain this extension
and fix bugs as this is running on my own clusters as
himanshug commented on issue #8992: druid extension for OpenID Connect auth
using pac4j lib
URL: https://github.com/apache/druid/pull/8992#issuecomment-586509109
this has been successfully running in our prod for a while now.
19 matches
Mail list logo
