Closed ghost closed 1 year ago
sentry-ldap-auth
is not officially supported by Sentry. It looks like someone else ran into issues using something like that though?
https://github.com/getsentry/self-hosted/issues/2083#issuecomment-1509148590
This issue has gone three weeks without activity. In another week, I will close it.
But! If you comment or otherwise update it, I will reset the clock, and if you label it Status: Backlog
or Status: In Progress
, I will leave it alone ... forever!
"A weed is but an unloved flower." ― Ella Wheeler Wilcox 🥀
Self-Hosted Version
23.3.1
CPU Architecture
x86-63
Docker Version
23.0.2
Docker Compose Version
2.17.2
Steps to Reproduce
Add LDAP to the enhanced image:
#############
LDAP auth
#############
import ldap from django_auth_ldap.config import LDAPSearch, PosixGroupType
AUTH_LDAP_SERVER_URI = 'ldap://ldap1.myhost.internal:389'
AUTH_LDAP_USER_SEARCH = LDAPSearch( 'cn=accounts,dc=mycompany,dc=internal', ldap.SCOPE_SUBTREE, '(uid=%(user)s)', )
AUTH_LDAP_GROUP_SEARCH = LDAPSearch( "cn=accounts,dc=mycompany,dc=internal", ldap.SCOPE_SUBTREE, "(objectClass=PosixGroup)" )
AUTH_LDAP_GROUP_TYPE = PosixGroupType() AUTH_LDAP_REQUIRE_GROUP = None AUTH_LDAP_DENY_GROUP = None
AUTH_LDAP_USER_ATTR_MAP = { "first_name": "givenname", "last_name": "sn", "email": "mail" }
AUTH_LDAP_FIND_GROUP_PERMS = False
AUTH_LDAP_CACHE_GROUPS = True AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
AUTH_LDAP_DEFAULT_SENTRY_ORGANIZATION = 'Sentry'
AUTH_LDAP_SENTRY_ORGANIZATION_ROLE_TYPE = 'member'
AUTH_LDAP_SENTRY_ORGANIZATION_GLOBAL_ACCESS = True
AUTH_LDAP_SENTRY_SUBSCRIBE_BY_DEFAULT = False
AUTH_LDAP_SENTRY_USERNAME_FIELD = 'uid' SENTRY_MANAGED_USER_FIELDS = ('email', 'first_name', 'last_name', 'password', )
AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS + ( 'sentry_ldap_auth.backend.SentryLdapBackend', )
optional, for debugging
import logging logger = logging.getLogger('django_auth_ldap') logger.addHandler(logging.StreamHandler()) logger.addHandler(logging.FileHandler('/var/log/sentry_ldap.log')) logger.setLevel('DEBUG')
LOGGING['overridable'] = ['sentry', 'django_auth_ldap'] LOGGING['loggers']['django_auth_ldap'] = { 'handlers': ['console'], 'level': 'DEBUG' }