Hi Vaibhav,I am trying to implement local authentication on my druid cluster running postgres metadata,My requirement isFirst role list of user who can do all loading operations(load/update/append/delete) the data sourcesSecond Role list of users who can do select operation all Data sources.1) Created Authenticator user and assigned the passwordscurl -u admin -XPOST http://TestSrv:8081/druid-ext/basic-security/authentication/db/MyBasicPostgreSQLAuthenticator/users/Testusrcurl -u admin:druidadmin -H'Content-Type: application/json' -XPOST --data-binary @pass.json http://TestSrv:8081/druid-ext/basic-security/authentication/db/MyBasicPostgreSQLAuthenticator/users/Testusr/credentials2) Created Authorization user and Authorizer rolecurl -u admin -XPOST http://Testsrv:8081/druid-ext/basic-security/authorization/db/MyBasicPostgreSQLAuthorizer/users/Testusrcurl -u admin -XPOST http://Testsrv:8081/druid-ext/basic-security/authorization/db/MyBasicPostgreSQLAuthorizer/roles/TestRole3) Assigned the roles to the users~$ curl -u admin -XPOST http://Testsrv:8081/druid-ext/basic-security/authorization/db/MyBasicPostgreSQLAuthorizer/users/Testusr/roles/TestRole4) Attach permissions to the rolescurl -u admin -H'Content-Type: application/json' -XPOST --data-binary @permissions.json http://TestSrv:8081/druid-ext/basic-security/authentication/db/MyBasicPostgreSQLAuthenticator/roles/TestRole/permissionspermissions.json[{"resource": {"name": ""\b(?:datsource1|datasource2|datasource3\b","type": "DATASOURCE"},"action": "READ|WRITE"}]Now when i login to the druid console using the user TestUsr it logs in but shows zero data sources and will not allow me to query or load anything.Can you please let me know what we are missing--
You received this message because you are subscribed to the Google Groups "Druid User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to druid-user+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/druid-user/d79daf1c-12ec-4d3e-ac96-29c82815e2bdn%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/druid-user/CAP%2BetTsUqf%3DE-3eMko2OiDj47wDbmVO477CcL5XhFu91QoW-dA%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/druid-user/CADQcQ%3D9pYZwquHVgEr%3Dp%3D87_t3jUVSv_bFPkUkNLLBwu7Wb2Xw%40mail.gmail.com.
Hi Vibhav
Our cluster have 21 datasources and I can see all of them when I login druidadmin user. In permissions.jsaon I was just using the dummy names but in actual file I have real datasource names
I created the permissions.json with the admin user permissions and assigned this to admin role
curl -u admin:<password> -H'Content-Type: application/json' -XPOST --data-binary @permissions.json http://<coordinator>:8081/druid-ext/basic-security/authentication/db/MyBasicPostgreSQLAuthenticator/roles/adminrole/permissions
After I login as user sneela4 I still see the same
I can see the users and roles from unix