You can translate the document:

Content

A virtual database can be configured to use LDAP authentication, which delegates user authentication to a LDAP server.  Additionally to that, since Denodo 8.0, you can configure global LDAP authentication at server level. When a user tries to connect to a database or a Virtual DataPort Server configured for LDAP authentication, the server will check whether the user is a Virtual DataPort local user, and if not, it will connect to the configured LDAP server in order to check the credentials and roles of the user.  To use LDAP authentication the following is needed:  

  • LDAP data source.
  • Virtual DataPort Server or a virtual database for which (global) LDAP authentication was enabled.
  • User base: node of the LDAP server used as scope to search nodes that represent users.
  • Attribute with user name: name of the attribute that contains the username in the node
  • User search pattern: the value of this field is used to build the LDAP query to obtain the nodes that represent the users.
  • Role base : node of the LDAP server whose children nodes represent roles that users of the database have.
  • Attribute with role name.
  • Role search pattern: This pattern has to contain the token @{USERDN} which will be replaced by the distinguished name of the user that tries to connect to the database.

Read the LDAP Authentication of Virtual DataPort Administration Guide or the Knowledge Base article LDAP authentication best practices for more information about setting up LDAP authentication.

When creating data sources, there is a “Pass-through session credentials" option.  If selected, Virtual Data Port will use the user’s Virtual DataPort database login credentials to authenticate a query to the data source.

If a user connects to a database through LDAP authentication, and then queries a view from a data source with “Pass-through session credentials”, the user’s LDAP username and password will be used to execute the query.  Read more about “Pass-through session credentials" in the Virtual DataPort Administration Guide section “Importing JDBC Sources”.

References

Knowledge Base Article: LDAP authentication best practices.

Virtual DataPort Administration Guide: LDAP Authentication.

Virtual DataPort Administration Guide: Administration of Databases, Users, Roles and their Access Rights.

Virtual DataPort Administration Guide: Importing JDBC Sources.

LDAP Authentication at server level

Importing LDAP roles in Virtual DataPort

Disclaimer
The information provided in the Denodo Knowledge Base is intended to assist our users in advanced uses of Denodo. Please note that the results from the application of processes and configurations detailed in these documents may vary depending on your specific environment. Use them at your own discretion.
For an official guide of supported features, please refer to the User Manuals. For questions on critical systems or complex environments we recommend you to contact your Denodo Customer Success Manager.

Questions

Ask a question

You must sign in to ask a question. If you do not have an account, you can register here