Skip to main content

JaaS Authentication

Overview

The DataHub frontend server comes with support for plugging in JaaS modules. This allows you to use a custom authentication protocol to log your users into DataHub.

By default, we in include sample configuration of a file-based username / password authentication module (PropertyFileLoginModule) that is configured with a single username / password combination: datahub - datahub.

To change or extend the default behavior, you have multiple options, each dependent on which deployment environment you're operating in.

Modify user.props file directly (Local Testing)

The first option for customizing file-based users is to modify the file datahub-frontend/app/conf/user.props directly. Once you've added your desired users, you can simply run ./dev.sh or ./datahub-frontend/run-local-frontend to validate your new users can log in.

Mount a custom user.props file (Docker Compose)

By default, the datahub-frontend container will look for a file called user.props mounted at the container path /datahub-frontend/conf/user.props. If you wish to launch this container with a custom set of users, you'll need to override the default file mounting when running using docker-compose.

To do so, change the datahub-frontend-react service in the docker-compose.yml file containing it to include the custom file:

datahub-frontend-react:
build:
context: ../
dockerfile: docker/datahub-frontend/Dockerfile
image: linkedin/datahub-frontend-react:${DATAHUB_VERSION:-head}
env_file: datahub-frontend/env/docker.env
hostname: datahub-frontend-react
container_name: datahub-frontend-react
ports:
- "9002:9002"
depends_on:
- datahub-gms
volumes:
- ./my-custom-dir/user.props:/datahub-frontend/conf/user.props

And then run docker-compose up against your compose file.

Custom JaaS Configuration

In order to change the default JaaS module configuration, you will have to launch the datahub-frontend-react container with the custom jaas.conf file mounted as a volume at the location /datahub-frontend/conf/jaas.conf.

To do so, change the datahub-frontend-react service in the docker-compose.yml file containing it to include the custom file:

datahub-frontend-react:
build:
context: ../
dockerfile: docker/datahub-frontend/Dockerfile
image: linkedin/datahub-frontend-react:${DATAHUB_VERSION:-head}
env_file: datahub-frontend/env/docker.env
hostname: datahub-frontend-react
container_name: datahub-frontend-react
ports:
- "9002:9002"
depends_on:
- datahub-gms
volumes:
- ./my-custom-dir/jaas.conf:/datahub-frontend/conf/jaas.conf

And then run docker-compose up against your compose file.