Hello Team,
I installed nginx-auth-ldap module in my nginx server.I able to authenticate ldap users to access elasticsearch indexes.
Here is the scenario that I am trying to achieve.
I have two roles configured in my LDAP.
Level1 - Users under this role should have access to only perticular indexes.
Level2 - Users under this role should have access to all the indexes.
how to specify above permissions in my nginx.conf file
nginx.conf file as follows
events {
worker_connections 1024;
}
http {
ldap_server LDAP1 {
url "ldap://xxx.xxx.x.xxx/cn=xx,ou=yy,dc=test,dc=com?uid?sub?(objectClass=posixAccount)";
binddn "cn=xx,dc=test,dc=com";
binddn_passwd "xx";
group_attribute uid;
group_attribute_is_dn on;
require valid_user;
}
upstream elasticsearch {
ip_hash;
server xxx.xxx.x.xxxx;
}
server {
listen 80;
auth_ldap "Please enter your ldap credentials";
auth_ldap_servers LDAP1;
location /{
root html;
index index.html index.htm;
if ($request_method ~* "^(DELETE)$") {
return 403;
}
proxy_pass http://elasticsearch;
include /usr/local/nginx/conf/fastcgi_params;
}
}
}
Please suggest me where I am going wrong.
Thanks,
xxxxx