With custom authentication you can plug-in your own authentication system by using HTTP headers.
In this approach your own authentication proxy/code sitting in front of Lenses takes care the authentication and injects appropriate Headers in all HTTP requests for verified users.
Set up a custom authentication layer by introducing in security.conf:
security.conf
# Full classpath of customer authentication plugin lenses.security.plugin=com.mycompany.authentication.plugin.class.path
Lenses connects similarly to any other application to the infrastructure You can implement a plugin in a few hours in Java/Scala or other JVM technology by implementing one interface:
public interface HttpAuthenticationPlugin { UserAndGroups authenticate(HttpRequest request); }
The return object UserAndGroups will contain the username and the groups a person authentication belongs to (or raise an exception if no such user exists).
The best way to get started is to look into a sample open source implementation of such a plugin in GitHub.
To learn how to use data centric permissions for users and service accounts see acess management perimissions.
On this page
