Users

Users are the authenticated entities that make REST calls to Thales Data Platform.

Configuring LDAP Authentication

In production environments Thales Data Platform should authenticate users against an external authentication provider (LDAP).

Updating Knox Topology

1. Navigate to Ambari GUI. Please refer to Accessing Ambari for further details.

2. In the Ambari toolbar on the left, expand Services, then click Knox.

3. Expand the Advanced topology section.

   

4. Configuration example:

   <provider>
   <role>authentication</role>
   <name>ShiroProvider</name>
   <enabled>true</enabled>
   <param>
   <name>main.ldapRealm</name>
   <value>org.apache.shiro.realm.ldap.JndiLdapRealm</value>
   </param>
   <param>
   <name>main.ldapRealm.userDnTemplate</name>
   <value>uid= {0},ou=people,dc=hadoop,dc=apache,dc=org</value>
   </param>
   <param>
   <name>main.ldapRealm.contextFactory.url</name>
   <value>ldap://localhost:33389</value>
   </param>
   <param>
   <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
   <value>simple</value>
   </param>
   <param>
   <name>urls./**</name>
   <value>authcBasic</value>
   </param>
   </provider>
   

5. Click SAVE then restart all the affected components.

   At the top of the screen it will tell you that a restart is required and there is an orange RESTART button. Click that button and select Restart All Affected.

For instructions on configuring an external LDAP or Active Directory refer to the Apache Knox online documentation:

• LDAP Configuration

• Active Directory Configuration