Authentication settings
You can set the Authentication Type to File, LDAP, or AD.
File-based Authentication
When file-based authentication is selected, the
atlas.authentication.method.file.filename property is
automatically set to
{{conf_dir}}/users-credentials.properties.
The
users-credentials.properties file should have the following
format:
username=group::sha256password
admin=ADMIN::e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221aThe
user group can be ADMIN, DATA_STEWARD, or
DATA_SCIENTIST.
The password is encoded with the
sha256 encoding method and can be generated using the UNIX
tool:
echo -n "Password" | sha256sum
e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a - | Note |
|---|---|
You can also set the Admin password using the Ambari UI: Select Advanced > Advanced atlas-env, then use the Admin password and Admin username boxes to set the Admin user name and password. When updating these settings post-installation, click Save, then restart Atlas and all other components that require a restart. |
LDAP Authentication
To enable LDAP authentication, select LDAP, then set the following configuration properties.
| Property | Sample Values |
|---|---|
| atlas.authentication.method.ldap.url | ldap://127.0.0.1:389 |
| atlas.authentication.method.ldap.userDNpattern | uid={0},ou=users,dc=example,dc=com |
| atlas.authentication.method.ldap.groupSearchBase | dc=example,dc=com |
| atlas.authentication.method.ldap.groupSearchFilter | (member=cn={0},ou=users,dc=example,dc=com) |
| atlas.authentication.method.ldap.groupRoleAttribute | cn |
| atlas.authentication.method.ldap.base.dn | dc=example,dc=com |
| atlas.authentication.method.ldap.bind.dn | cn=Manager,dc=example,dc=com |
| atlas.authentication.method.ldap.bind.password | PassW0rd |
| atlas.authentication.method.ldap.referral | ignore |
| atlas.authentication.method.ldap.user.searchfilter | (uid={0}) |
| atlas.authentication.method.ldap.default.role | ROLE_USER |
AD Authentication
To enable AD authentication, select AD, then set the following configuration properties.
| Property | Sample Values |
|---|---|
| atlas.authentication.method.ldap.ad.url | ldap://127.0.0.1:389 |
| Domain Name (Only for AD) | example.com |
| atlas.authentication.method.ldap.ad.base.dn | DC=example,DC=com |
| atlas.authentication.method.ldap.ad.bind.dn | CN=Administrator,CN=Users,DC=example,DC=com |
| atlas.authentication.method.ldap.ad.bind.password | PassW0rd |
| atlas.authentication.method.ldap.ad.referral | ignore |
| atlas.authentication.method.ldap.ad.user.searchfilter | (sAMAccountName={0}) |
| atlas.authentication.method.ldap.ad.default.role | ROLE_USER |
