[Pulp-list] external authentication/authorization

Vladimir Vasilev vvasilev at redhat.com
Thu Sep 1 19:47:07 UTC 2016

Hi all,

I'm trying to setup Pulp with external authentication and authorization
against LDAP server.
According to the docs direct LDAP access from pulp is deprecated so I
followed "Apache Preauthentication" [1]
Authentication works fine, pulp is trusting apache httpd with
REMOTE_USER variable set.
Problem is that the same LDAP user needs to exist in the internal pulp
database as well.

Is there a way to move both authentication and authorization to external
provider like LDAP?
At the end of the day I want to grant admin access to all LDAP accounts
which are member of particular group (memberOf attribute) without making
local pulp accounts.


[1] https://docs.pulpproject.org/user-guide/authentication.html

More information about the Pulp-list mailing list