288f9b2b15
This PR extends authentication with 2 mechanisms: - a new role_manager subclass, which allows managing users via LDAP server, - a new authenticator, which delegates plaintext authentication to a running saslauthd daemon. The features have been ported from the enterprise repository with their test.py tests and the documentation as part of changing license to source available. Fixes: scylladb/scylla-enterprise#5000 Fixes: scylladb/scylla-enterprise#5001 Closes scylladb/scylladb#22030
48 lines
1.0 KiB
CMake
48 lines
1.0 KiB
CMake
include(add_whole_archive)
|
|
find_package(OpenLDAP REQUIRED
|
|
ldap)
|
|
|
|
add_library(scylla_auth STATIC)
|
|
target_sources(scylla_auth
|
|
PRIVATE
|
|
allow_all_authenticator.cc
|
|
allow_all_authorizer.cc
|
|
authenticated_user.cc
|
|
authenticator.cc
|
|
certificate_authenticator.cc
|
|
common.cc
|
|
default_authorizer.cc
|
|
ldap_role_manager.cc
|
|
password_authenticator.cc
|
|
passwords.cc
|
|
permission.cc
|
|
permissions_cache.cc
|
|
resource.cc
|
|
role_or_anonymous.cc
|
|
roles-metadata.cc
|
|
sasl_challenge.cc
|
|
saslauthd_authenticator.cc
|
|
service.cc
|
|
standard_role_manager.cc
|
|
transitional.cc
|
|
maintenance_socket_role_manager.cc)
|
|
target_include_directories(scylla_auth
|
|
PUBLIC
|
|
${CMAKE_SOURCE_DIR})
|
|
target_link_libraries(scylla_auth
|
|
PUBLIC
|
|
Seastar::seastar
|
|
xxHash::xxhash
|
|
PRIVATE
|
|
absl::headers
|
|
OpenLDAP::ldap
|
|
cql3
|
|
idl
|
|
ldap
|
|
wasmtime_bindings
|
|
libxcrypt::libxcrypt)
|
|
|
|
add_whole_archive(auth scylla_auth)
|
|
|
|
check_headers(check-headers scylla_auth
|
|
GLOB_RECURSE ${CMAKE_CURRENT_SOURCE_DIR}/*.hh) |