LDAP Connection Superset

[ziusware]

Is your feature request related to a problem? Please describe.
I was trying to connect more than one domain on my Superset, but I think Superset does not permit that. When I try to connect more than one LDAP SERVER the Superset doesn't accept because on his source code he just accept one parameter.

Describe the solution you'd like
Ask for a option to add more than one domain on Superset.

Describe alternatives you've considered
Superset just permit us to connect just one LDAP connection with the parameters below:

AUTH_LDAP_SERVER = ""
AUTH_LDAP_USE_TLS = False
AUTH_LDAP_BIND_USER = ""
AUTH_LDAP_BIND_PASSWORD = ""
AUTH_LDAP_SEARCH = ""
AUTH_LDAP_UID_FIELD = ""
AUTH_LDAP_FIRSTNAME_FIELD = ""
AUTH_LDAP_LASTNAME_FIELD = ""

If we can use a separition to connect one more domain, ou many others, separating them with a space or a comma it would be very useful.

[issue-label-bot]

Issue-Label Bot is automatically applying the label #enhancement to this issue, with a confidence of 0.74. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

[dpgaspar]

Hi @ziusware,

This is more of a FAB question, since the LDAP auth is performed by it. Feel free to open and issue there.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. For admin, please label this issue .pinned to prevent stale bot from closing the issue.

[ziusware]

I solved the problem, I was trying to use two sub domains, but I thought that SUPERSET just allow one. The two sub domains that I wanted to use was inside of a Domain so I just changed my AUTH_LDAP_SERVER= "ldap://<domain_url>:389" to AUTH_LDAP_SERVER= "ldap://<domain_url>:3268"

[bharath0208]

Hi @ziusware @dpgaspar ,

I have modified the superset_config.py to connect to my ldap server. When i run this as a docker pod i m able to connect to the LDAP server and the logging is working fine. But when i deploy this on a Kubernetes cluster using helm charts it throws the below error.

  File "/usr/local/lib/python3.6/site-packages/flask_appbuilder/security/manager.py", line 909, in auth_user_ldap
    if not self._bind_ldap(ldap, con, username, password):
  File "/usr/local/lib/python3.6/site-packages/flask_appbuilder/security/manager.py", line 825, in _bind_ldap
    self._bind_indirect_user(ldap, con)
  File "/usr/local/lib/python3.6/site-packages/flask_appbuilder/security/manager.py", line 810, in _bind_indirect_user
    con.bind_s(indirect_user, indirect_password)
  File "/usr/local/lib/python3.6/site-packages/ldap/ldapobject.py", line 397, in bind_s
    msgid = self.bind(who,cred,method)
  File "/usr/local/lib/python3.6/site-packages/ldap/ldapobject.py", line 391, in bind
    return self.simple_bind(who,cred)
  File "/usr/local/lib/python3.6/site-packages/ldap/ldapobject.py", line 376, in simple_bind
    return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
  File "/usr/local/lib/python3.6/site-packages/ldap/ldapobject.py", line 263, in _ldap_call
    result = func(*args,**kwargs)
ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

Note: The ldap server is up and running and we are able to contact it from other kube pods not sure why it is not working from superset pod.

[chcsilva0]

Hi @bharath0208,

I'm having the same problem, ldap is running and can query it from my local machine and docker, however when try from kubernetes cluster, cannot connect to ldap server.

Did you find any solution?