User authentication via LDAP (Lightweight Directory Access Protocol) provides a very flexible way for administrators to configure the set of users who can use RapidMiner Server and also assign the appropriate rights for them. It also provides the users with a convenient way to authenticate themselves by using their corporate username and password.
Setting up LDAP authentication means that RapidMiner Server will be able to authenticate users via an LDAP server. Such a server could for example be OpenLDAP or Microsoft Active Directory. The passwords of LDAP users are not stored in the database of RapidMiner Server. Instead, login attempts are forwarded to the LDAP server directly. If the authentication is successful RapidMiner server will grant access depending on the LDAP group memberships and the mirror group configuration on RapidMiner Server. This feature is disabled by default as it requires some configuration from the administrator.
Users created locally on RapidMiner Server can be also authenticated via LDAP if they exist on the LDAP server. In this case, the first successful LDAP authentication turns the user into an LDAP-authenticated user.
- Enable LDAP authentication
- Set up mirror groups to automatically manage LDAP users
- Configure username and group filters to restrict access to RapidMiner Server to only a specific set of LDAP users
- Encrypt the local-security settings
- Radoop Proxy can be extended to support this authentication method see documentation here.