Graylog2 / graylog-plugin-auth-sso

SSO support for Graylog through trusted HTTP headers set by load balancers or authentication proxies

Sync SSO user from LDAP #32

Closed gaspardpetit closed 6 years ago

gaspardpetit commented 7 years ago

I have a use case where I would like to use SSO for authentication but LDAP for roles. I would like to submit two changelists which would (1) expose a public `syncLdapUser(String principal)` method on the `LdapUserAuthenticator` class in graylog2-server and (2) call this method from the SSO plugin when the user signs in and LDAP is enabled. Is this change worth submitting?

This will require the SSO plugin to receive an instance of the `LdapUserAuthenticator` class and will tightly couple them, but I figured that since `LdapUserAuthenticator` is built into Graylog, it might be an acceptable solution.

gaspardpetit commented 7 years ago

Change submitted, will require Graylog 2.4: https://github.com/Graylog2/graylog-plugin-auth-sso/pull/33

githubkatten commented 7 years ago

We have a similar use case. We use the SSO authentication plugin and we want to use the LDAP support in Graylog. We want to add a specific group in AD and tie that group to a certain Graylog role. Our organisation is large and maintaining users/roles will be a big issue for us over time.

florianpopp commented 6 years ago

Closing this in favour of https://github.com/Graylog2/graylog2-server/issues/3968

Thank you!