288f9b2b15
This PR extends authentication with 2 mechanisms: - a new role_manager subclass, which allows managing users via LDAP server, - a new authenticator, which delegates plaintext authentication to a running saslauthd daemon. The features have been ported from the enterprise repository with their test.py tests and the documentation as part of changing license to source available. Fixes: scylladb/scylla-enterprise#5000 Fixes: scylladb/scylla-enterprise#5001 Closes scylladb/scylladb#22030
17 lines
427 B
Plaintext
17 lines
427 B
Plaintext
# before the first database definition
|
|
database config
|
|
# NOTE: the suffix is hardcoded as cn=config and
|
|
# MUST not have a suffix directive
|
|
# normal rules apply - rootdn can be anything you want
|
|
# but MUST be under cn=config
|
|
rootdn "cn=admin,cn=config"
|
|
|
|
pidfile ./pidfile.pid
|
|
include /etc/openldap/schema/core.schema
|
|
|
|
database mdb
|
|
suffix "dc=example,dc=com"
|
|
rootdn "cn=root,dc=example,dc=com"
|
|
rootpw secret
|
|
index objectClass eq
|