-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move LDAP authentication into a standalone authentication backend #4348
Comments
I'll repeat here that it would be nice if the LDAP module could also be used as an authorization module when external authentication is used. I don't know how doable/complex that would be. After authentication is completed externally the user's group memberships are read from LDAP for permissions. |
@bluikko That is beyond the scope of this issue. |
Since its possible to using an LDAP backend as custom authentication backend thats seems like a good idea. |
Closes #4348: Introduce LDAPBackend
I believe you need to add REMOTE_AUTH_CONFIG now, because there is no way to specify LDAP config other than in settings.py. Or am i missing something? |
@bluikko I've made a proof of concept of this. Check it out here: https://github.com/sly-net/netbox-remote-authn-ldap-authz |
Proposed Changes
With the introduction of support for custom authentication backends (#2328) in NetBox v2.8, it no longer makes sense to maintain LDAP authentication as part of NetBox's core.
Justification
Offloading this functionality removes the burden of maintenance from the core maintainers, encourages more community participation in the development of the LDAP backend itself, and should serve as a strong reference implementation for custom authentication backends. It will also help guide the development of remote authentication support in NetBox.
The text was updated successfully, but these errors were encountered: