SQL稽核平臺 Archery v1.8.0 LDAP功能配置步驟
一、安裝相關包
1、安裝LDAP相關的擴充套件包
[root@localhost ~]# docker ps
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1bb1c633de94 mysql:5.7 "docker-entrypoint.s…" 3 weeks ago Up 3 weeks 3306/tcp, 33060/tcp, 0.0.0.0:3307->3307/tcp, :::3307->3307/tcp mysql
10a1a24b437a redis:5 "docker-entrypoint.s…" 3 weeks ago Up 3 weeks 6379/tcp redis
75054a146810 hhyo/inception "/bin/sh -c 'nohup /…" 3 weeks ago Up 3 weeks 6669/tcp inception
87cfaee82763 hhyo/archery:1.8.0 "dockerize -wait tcp…" 3 weeks ago Up 7 minutes 0.0.0.0:9123->9123/tcp, :::9123->9123/tcp archery
02b26516ccea hanchuanchuan/goinception "/usr/local/bin/dumb…" 3 weeks ago Up 3 weeks 4000-4001/tcp goinception
[root@localhost ~]# docker exec -it 87 bash
[root@c3fe74f742ac archery]# yum -y install openldap-devel
2、安裝PYTHON依賴庫
# 缺少的話在瀏覽器登陸時會報錯:"500 Internal Server Error"
[root@c3fe74f742ac archery]# source /opt/venv4archery/bin/activate
[root@c3fe74f742ac archery]# pip install django-auth-ldap==1.3.0 -i --trusted-host pypi.douban.com --upgrade pip
[root@c3fe74f742ac archery]# pip install six
[root@c3fe74f742ac archery]# cd /opt/venv4archery/lib/python3.8/site-packages/
[root@c3fe74f742ac archery]# cp six.py /opt/venv4archery/lib/python3.8/site-packages/django/utils/
3、重啟下相關容器
[root@localhost ~]# docker restart 87
[root@localhost ~]# docker ps | grep archery
87cfaee82763 hhyo/archery:1.8.0 "dockerize -wait tcp…" 3 weeks ago Up 9 minutes 0.0.0.0:9123->9123/tcp, :::9123->9123/tcp archery
二、編輯配置檔案
1、進入相關容器修改配置檔案
[root@localhost ~]# docker exec -it 87 bash
[root@87cfaee82763 archery]# yum -y install vim
[root@87cfaee82763 archery]# cd /opt/archery/archery
[root@87cfaee82763 archery]# ls
asgi.py __init__.py __pycache__ settings.py settings.py.bak urls.py wsgi.py
[root@c3fe74f742ac archery]# cp settings.py settings.py.bak
[root@c3fe74f742ac archery]# vim settings.py ( 修改 LDAP 相關的部分如下內容 )
# LDAP
#ENABLE_LDAP = False
ENABLE_LDAP = True
if ENABLE_LDAP:
import ldap
from django_auth_ldap.config import LDAPSearch
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend', # 配置為先使用LDAP認證,如透過認證則不再使用後面的認證方式
'django.contrib.auth.backends.ModelBackend', # django系統中手動建立的使用者也可使用,優先順序靠後。注意這2行的順序
)
AUTH_LDAP_SERVER_URI = "ldap://192.168.1.1"
AUTH_LDAP_BIND_DN = "cn=admin,dc=xxxxx,dc=cn"
AUTH_LDAP_BIND_PASSWORD = "xxxxxxx"
AUTH_LDAP_USER_SEARCH = LDAPSearch('ou=user,dc=xxxxxx,dc=cn',ldap.SCOPE_SUBTREE,'(uid=%(user)s)',)
AUTH_LDAP_ALWAYS_UPDATE_USER = True # 每次登入從ldap同步使用者資訊
AUTH_LDAP_USER_ATTR_MAP = { # key為archery.sql_users欄位名,value為ldap中欄位名,使用者同步資訊
"username": "cn",
"display": "displayname",
"email": "mail"
}
2、重啟下相關容器
[root@localhost ~]# docker restart 87
[root@localhost ~]# docker ps | grep archery
87cfaee82763 hhyo/archery:1.8.0 "dockerize -wait tcp…" 3 weeks ago Up 13 minutes 0.0.0.0:9123->9123/tcp, :::9123->9123/tcp archery
3.檢視docker logs日誌:
# docker logs archery -f --tail=50
[2022-05-12 16:39:20 +0800] [39] [INFO] Started server process [39]
[2022-05-12 16:39:20 +0800] [39] [INFO] Waiting for application startup.
[2022-05-12 16:39:20 +0800] [39] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:39:20 +0800] [39] [INFO] Application startup complete.
[2022-05-12 16:39:20 +0800] [40] [INFO] Started server process [40]
[2022-05-12 16:39:20 +0800] [40] [INFO] Waiting for application startup.
[2022-05-12 16:39:20 +0800] [40] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:39:20 +0800] [40] [INFO] Application startup complete.
[2022-05-12 16:39:20 +0800] [41] [INFO] Started server process [41]
[2022-05-12 16:39:20 +0800] [41] [INFO] Waiting for application startup.
[2022-05-12 16:39:20 +0800] [41] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:39:20 +0800] [41] [INFO] Application startup complete.
[2022-05-12 16:39:47,540][ThreadPoolExecutor-0_0:140568935855872][task_id:django_auth_ldap][backend.py:657][WARNING]- cn=zhangyu,ou=user,dc=ienglish,dc=cn does not have a value for the attribute displayname
[2022-05-12 16:40:36,595][ThreadPoolExecutor-0_0:140568935855872][task_id:django_auth_ldap][backend.py:657][WARNING]- cn=zhaoyanchang,ou=user,dc=ienglish,dc=cn does not have a value for the attribute displayname
[2022-05-12 16:40:56,469][ThreadPoolExecutor-0_0:140568935855872][task_id:django_auth_ldap][backend.py:657][WARNING]- cn=zhangyu,ou=user,dc=ienglish,dc=cn does not have a value for the attribute displayname
2022/05/12 16:55:32 Received signal: terminated
2022/05/12 16:55:32 Command exited with error: signal: terminated
2022/05/12 16:55:33 Waiting for: tcp://mysql:3306
2022/05/12 16:55:33 Waiting for: tcp://redis:6379
2022/05/12 16:55:33 Connected to tcp://redis:6379
2022/05/12 16:55:33 Connected to tcp://mysql:3306
切換python執行環境
修改重定向埠
啟動nginx
收集所有的靜態檔案到STATIC_ROOT
啟動Django Q cluster
啟動服務
[2022-05-12 16:55:35 +0800] [38] [INFO] Starting gunicorn 20.0.4
[2022-05-12 16:55:35 +0800] [38] [INFO] Listening at: (38)
[2022-05-12 16:55:35 +0800] [38] [INFO] Using worker: uvicorn.workers.UvicornWorker
[2022-05-12 16:55:35 +0800] [40] [INFO] Booting worker with pid: 40
[2022-05-12 16:55:35 +0800] [41] [INFO] Booting worker with pid: 41
[2022-05-12 16:55:35 +0800] [42] [INFO] Booting worker with pid: 42
[2022-05-12 16:55:35 +0800] [43] [INFO] Booting worker with pid: 43
[2022-05-12 16:55:35 +0800] [40] [INFO] Started server process [40]
[2022-05-12 16:55:35 +0800] [40] [INFO] Waiting for application startup.
[2022-05-12 16:55:35 +0800] [40] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:55:35 +0800] [40] [INFO] Application startup complete.
[2022-05-12 16:55:35 +0800] [41] [INFO] Started server process [41]
[2022-05-12 16:55:35 +0800] [41] [INFO] Waiting for application startup.
[2022-05-12 16:55:35 +0800] [41] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:55:35 +0800] [41] [INFO] Application startup complete.
[2022-05-12 16:55:35 +0800] [42] [INFO] Started server process [42]
[2022-05-12 16:55:35 +0800] [42] [INFO] Waiting for application startup.
[2022-05-12 16:55:35 +0800] [42] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:55:35 +0800] [42] [INFO] Application startup complete.
[2022-05-12 16:55:35 +0800] [43] [INFO] Started server process [43]
[2022-05-12 16:55:35 +0800] [43] [INFO] Waiting for application startup.
[2022-05-12 16:55:35 +0800] [43] [INFO] ASGI 'lifespan' protocol appears unsupported.
[2022-05-12 16:55:35 +0800] [43] [INFO] Application startup complete.
4.用ldap賬號登入頁面進行測試。
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/15498/viewspace-2893931/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- SQL稽核 | SQLE-SQL稽核平臺體驗報告SQL
- Yearning + Inception SQL稽核平臺搭建SQL
- docker Yearning+Inception SQL稽核平臺DockerSQL
- 線上教育平臺搭建具體步驟
- 構建良好雲平臺的7個步驟
- 配置 Windows Terminal 步驟Windows
- Archery 平臺執行DDL error:Threads_connected exceeds its critical thresholdErrorthread
- LDAP系列(三)LDAP + Samba 安裝配置LDASamba
- 高質量平臺的SEO操作思路和步驟
- 建立數字藏品藝術平臺需要哪些步驟
- Mac OS 配置Maven步驟MacMaven
- Console LDAP 配置解密LDA解密
- bladeX物聯網平臺私庫操作處理步驟
- 優化 SQL 語句的步驟優化SQL
- 用SQL建立索引的方法步驟SQL索引
- 配置PLSQL Developer詳細步驟SQLDeveloper
- laravel 使用guzzlehttp/guzzle 配置步驟LaravelHTTP
- 1.3.3.4. 步驟3:啟動SQL*PlusSQL
- mysql稽核平臺yearning及inception安裝MySql
- ubuntu 配置拼音輸入法步驟Ubuntu
- Github配置ssh key詳細步驟Github
- 測試平臺系列(79) 編寫Redis配置功能(下)Redis
- 去中心化金融平臺deFI開發優勢及步驟詳解中心化
- 網上鑑定網投平臺真假不可疏忽的幾個步驟
- SQL稽核 | 如何使用 SQLE 進行開發階段 SQL稽核SQL
- SAP MM 關於STO步驟和配置
- 騰訊雲資料永珍內容稽核詳細步驟(JAVA版)Java
- 海思hi3512方案平臺SDK安裝步驟介紹
- nft數字藏品交易平臺開發(規則步驟)及原始碼案例原始碼
- Inception SQL稽核註解SQL
- Cocos2d-x環境配置步驟
- DKhadoop環境安裝配置步驟詳解Hadoop
- Oracle 11g dataguard 配置簡約步驟Oracle
- realvnc linux,realvnc linux配置的8個步驟VNCLinux
- Jaspersoft?Studio新增mysql資料庫配置步驟MySql資料庫
- SQL隱碼攻擊之常見注入的步驟④SQL
- 揭秘UGO SQL稽核功能4大特性,讓業務平滑遷移至GaussDBGoSQL
- 極狐GitLab 如何配置多個 LDAP?GitlabLDA