Skip to content

stockholmuniversity/salt-eauth-rest-caching-ldap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
caching_ldap
caching_ldap
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
poetry.lock
poetry.lock
 
 
pyproject.toml
pyproject.toml
 
 
wsgi.py
wsgi.py
 
 

Repository files navigation

caching_ldap

caching_ldap is an REST authorization API for Salt's External Authentication System (eauth) using the eauth rest.

You send in a username, password doesn't matter since we just authorize not authenticate, and caching_ldap give back an eauth ACL for that user which is expanded from cached LDAP groups refreshed on an interval.

Usage

  1. Configure your external_auth for your salt-master and salt-api:

    eauth_acl_module: rest
external_auth:
  rest:
    ^url: http://localhost:8080/v1/login
    'admins%':
      - '.*'
    'users%':
      - 'test.ping'
      - 'state.highstate'

  2. Deploy this Flask-app on your salt master.

    $ cd salt-eauth-rest-caching-ldap
$ python3 -mvenv .
$ source bin/activate
$ pip3 install .

  3. Serve wsgi.py with an WGSI server.

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

5 watching

Forks

1 fork
Report repository

Releases

10 tags

Packages

No packages published

Languages