Authentication settings
You can set the Authentication Type to File, LDAP, or AD.
File-based Authentication
When file-based authentication is selected, the
atlas.authentication.method.file.filename
property is
automatically set to
{{conf_dir}}/users-credentials.properties
.
The
users-credentials.properties
file should have the following
format:
username=group::sha256password
admin=ADMIN::e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a
The
user group can be ADMIN
, DATA_STEWARD
, or
DATA_SCIENTIST
.
The password is encoded with the
sha256
encoding method and can be generated using the UNIX
tool:
echo -n "Password" | sha256sum
e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a -
Note | |
---|---|
You can also set the Admin password using the Ambari UI: Select Advanced > Advanced atlas-env, then use the Admin password and Admin username boxes to set the Admin user name and password. When updating these settings post-installation, click Save, then restart Atlas and all other components that require a restart. |
LDAP Authentication
To enable LDAP authentication, select LDAP, then set the following configuration properties.
Property | Sample Values |
---|---|
atlas.authentication.method.ldap.url | ldap://127.0.0.1:389 |
atlas.authentication.method.ldap.userDNpattern | uid={0},ou=users,dc=example,dc=com |
atlas.authentication.method.ldap.groupSearchBase | dc=example,dc=com |
atlas.authentication.method.ldap.groupSearchFilter | (member=cn={0},ou=users,dc=example,dc=com) |
atlas.authentication.method.ldap.groupRoleAttribute | cn |
atlas.authentication.method.ldap.base.dn | dc=example,dc=com |
atlas.authentication.method.ldap.bind.dn | cn=Manager,dc=example,dc=com |
atlas.authentication.method.ldap.bind.password | PassW0rd |
atlas.authentication.method.ldap.referral | ignore |
atlas.authentication.method.ldap.user.searchfilter | (uid={0}) |
atlas.authentication.method.ldap.default.role | ROLE_USER |
AD Authentication
To enable AD authentication, select AD, then set the following configuration properties.
Property | Sample Values |
---|---|
atlas.authentication.method.ldap.ad.url | ldap://127.0.0.1:389 |
Domain Name (Only for AD) | example.com |
atlas.authentication.method.ldap.ad.base.dn | DC=example,DC=com |
atlas.authentication.method.ldap.ad.bind.dn | CN=Administrator,CN=Users,DC=example,DC=com |
atlas.authentication.method.ldap.ad.bind.password | PassW0rd |
atlas.authentication.method.ldap.ad.referral | ignore |
atlas.authentication.method.ldap.ad.user.searchfilter | (sAMAccountName={0}) |
atlas.authentication.method.ldap.ad.default.role | ROLE_USER |