-
Notifications
You must be signed in to change notification settings - Fork 189
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement LDAP Authentication #748
base: main
Are you sure you want to change the base?
Conversation
4be803c
to
de87f07
Compare
@drdrsh any chance that this functionality could get merged in? Happy to make any changes, add documentation, tests, split up the PR(one for trust, one for LDAP), etc. |
I haven't had the time to review this yet. |
I will appreciate it if you could add some tests. |
I updated the Contribution guide to show how you can write integration tests. |
e3bfaf6
to
9c3defa
Compare
Thank for updating those docs. Added some basic unit tests for LDAP and trust. Added onto the python unit tests since that is the testing framework that I am most familiar with. One thing I notice is that the python tests are currently organized as a script, might be worth refactoring it to use pytest to get better reporting, test isolation, parallelism, amongst other things. I opened #790 which modifies the tests to use the pytest framework. If you want to go that route I can change the tests in this PR as well if/when you want to merge that. Since LDAP requires a dedicated web service I incorporated GLauth in the docker container since it can be installed via a very straightforward binary. GLauth also provides a docker container as well (https://hub.docker.com/r/glauth/glauth) if this fits better with the pgcat testing framework. |
f48578d
to
dba23bc
Compare
I see the #790 was merged. Will work on converting these tests to use pytest today. |
0840165
to
eb5222a
Compare
Just a heads up, removed the trust auth (passwordless) stuff out of this PR. Will raise a new PR with that stuff. I figure its easier that way as the LDAP functionality requires changes to the dockerfile (and thus the CI) in order to run whereas the trust functionality is a lot more limited in scope. |
This PR implements trust (no password), and LDAP authentication with pgcat. Postgres offers a number of authentication options that are not available with pgcat with trust being the most basic. Added a configuration item to allow the auth_type to be set at the user level.