airlfow集成ldap默认需要开启ssl/tls,但是配置文件中没有开关选项,如要关闭只能修改代码,只需要修改一个地方,vi /root/python3/lib/python3.6/site-packages/airflow/contrib/auth/backends/ldap_auth.py,找到ldap_auth.py这个文件中的get_ldap_connection方法
修改前
tls_configuration = Tls(validate=ssl.CERT_REQUIRED,
ca_certs_file=cacert)
server = Server(conf.get("ldap", "uri"),
use_ssl=True,
tls=tls_configuration)
修改后
#tls_configuration = Tls(validate=ssl.CERT_REQUIRED,
# ca_certs_file=cacert)
server = Server(conf.get("ldap", "uri"),
use_ssl=False,
tls=None)
修改配置文件
[webserver]
authenticate = True
auth_backend = airflow.contrib.auth.backends.ldap_auth
[ldap]
# set this to ldaps://<your.ldap.server>:<port>
uri = ldap://ldap.ccc.com:389
user_filter = objectClass=*
user_name_attr = uid
group_member_attr = memberUid #默认是memberOf,如果ldap没有开启memberOf,也可以换成memberUid
superuser_filter =
data_profiler_filter =
bind_user = cn=Manager,dc=hhz,dc=com
bind_password = 密码
basedn = dc=hhz,dc=com
search_scope = SUBTREE
cacert = /etc/ca/ldap_ca.crt
#search_scope = LEVEL
# This setting allows the use of LDAP servers that either return a
# broken schema, or do not return a schema.
ignore_malformed_schema = False
