PROBLEMS WHEN LINKING LDAP

[iRoot13x18]

Bug description

I need to link LDAP to my superset and it is giving me error when connecting, I have verified that the LDAP credentials are correct. I have based on these two configuration files.

How to reproduce the bug

1- go to PYTHONPATH

2-edit superset_config.py file and put the relevant configuration for LDAP, in particular this was this import os from superset.security import SupersetSecurityManager from flask_appbuilder.security.manager import AUTH_DB,AUTH_LDAP from custom_security_manager import CustomSecurityManager

AUTH_TYPE = AUTH_LDAP AUTH_USER_REGISTRATION = True AUTH_USER_REGISTRATION_ROLE = "Public" AUTH_LDAP_SERVER = "ldaps://server.yourdomain.com:636" AUTH_LDAP_USE_TLS = False AUTH_LDAP_BIND_USER = "cn=mycn,ou=myou,ou=myou,dc=mydc,dc=com" AUTH_LDAP_BIND_PASSWORD = "password" AUTH_LDAP_SEARCH = "DC=your_domain,DC=com," AUTH_LDAP_UID_FIELD = "sAMAccountName" AUTH_LDAP_ALLOW_SELF_SIGNED=True AUTH_LDAP_APPEND_DOMAIN=False AUTH_LDAP_FIRSTNAME_FIELD="givenName" AUTH_LDAP_LASTNAME_FIELD="sn" AUTH_LDAP_USE_TLS=False AUTH_USER_REGISTRATION=True

CUSTOM_SECURITY_MANAGER = CustomSecurityManager

3-create and modify the custom_security_manager.py file in PYTHONPATH from superset.security import SupersetSecurityManager from flask_appbuilder.security.views import AuthLDAPView from flask_appbuilder.security.views import expose from flask import g, redirect, flash from flask_appbuilder.security.forms import LoginForm_db from flask_login import login_user from flask_appbuilder._compat import as_unicode

class AuthLocalAndLDAPView(AuthLDAPView): @expose("/login/", methods=["GET", "POST"]) def login(self): if g.user is not None and g.user.is_authenticated: return redirect(self.appbuilder.get_url_for_index) form = LoginForm_db() if form.validate_on_submit(): user = self.appbuilder.sm.auth_user_ldap( form.username.data, form.password.data ) if not user: user = self.appbuilder.sm.auth_user_db( form.username.data, form.password.data ) if user: login_user(user, remember=False) return redirect(self.appbuilder.get_url_for_index) else: flash(as_unicode(self.invalid_login_message), "warning") return redirect(self.appbuilder.get_url_for_login) return self.render_template( self.login_template, title=self.title, form=form, appbuilder=self.appbuilder )

class CustomSecurityManager(SupersetSecurityManager): authldapview = AuthLocalAndLDAPView def init(self, appbuilder): super(CustomSecurityManager, self).init(appbuilder)

4-restart docker-compose and try logging in with ldap credentials

Screenshots/recordings

No response

Superset version

4.0.0

Python version

3.10

Node version

18 or greater

Browser

Chrome

Additional context

I will leave here the web page on which I based my configuration. https://medium.com/@ozan/configure-ldap-and-local-user-login-on-superset-69fa4df4ee24

Checklist

• [X] I have searched Superset docs and Slack and didn't find a solution to my problem.
• [X] I have searched the GitHub issue tracker and didn't find a similar bug report.
• [X] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.

[dosubot[bot]]

To address the LDAP connection issue in Superset, ensure the following:

1. python-ldap Installation: Confirm python-ldap is installed in your environment, as it's required for LDAP authentication.

2. LDAP Configuration: Double-check your superset_config.py for correct LDAP settings according to Flask App Builder documentation. This includes server details, user bind configuration, and search options.

3. Role Mapping: Verify AUTH_ROLES_MAPPING in superset_config.py for accurate LDAP group to Superset role mappings, if applicable.

4. Role Sync: If AUTH_ROLES_SYNC_AT_LOGIN is enabled, ensure LDAP group to role mappings are syncing correctly at login.

5. Debugging: Increase logging level in Superset to capture detailed LDAP-related errors, which can provide insights into configuration or connectivity issues.

6. Package Compatibility: Check that your python-ldap package version is compatible with Superset 4.0.0, which recommends version >=3.4.4.

7. Network and Firewall: Ensure no network or firewall settings are blocking connections to the LDAP server.

8. LDAP Server Settings: Review the LDAP server configuration for correct base DN, user DN, and search filters.

If the issue persists after these checks, consider reviewing discussions and issues in the Superset repository related to LDAP authentication for additional insights and potential solutions.

#### Details

**Sources** - [Can't find flask.appbuilder logs](https://github.com/apache/superset/discussions/24122) - [api login with ldap account ,returns error](https://github.com/apache/superset/issues/27964) - [AuthN. integration not working](https://github.com/apache/superset/issues/23764) - [LDAP auth doesn't work in Superset v.3.0.0](https://github.com/apache/superset/issues/25431) - [Why can't I log in after deploying with Docker? What could be the reason?](https://github.com/apache/superset/issues/24508) - [docs/docs/configuration/configuring-superset.mdx](https://github.com/apache/superset/blob/master/docs/docs/configuration/configuring-superset.mdx) - [pyproject.toml](https://github.com/apache/superset/blob/master/pyproject.toml) - [superset/errors.py](https://github.com/apache/superset/blob/master/superset/errors.py) - [superset/commands/database/test_connection.py](https://github.com/apache/superset/blob/master/superset/commands/database/test_connection.py)
**About Dosu** This response is meant to be useful and save you time. It is **not meant to be a precise solution**, but rather a starting point for your own research. Help me be more useful! Please leave a 👍 if this is helpful and 👎 if it is irrelevant.

To continue the conversation, mention @dosu.