Suppose I have an application X currently managed through FreeIPA LDAP
(that application queries FreeIPA LDAP directly).
Suppose I also have an enterprise IdP for SAML communication.
My application is used by another application Y that is customer-facing and
uses impersonation. At some point it needs to retrieve groups for the end user
(hence the LDAP query).
Now I want to move all my auth/authz workflow to SAML. My problem is that
if I do that, my local LDAP DB is not populated with my enterprise IdP
users and groups, and my distant IdP can't be queried in LDAP by my
application X, so I can't retrieve my group.
Is there a way to make this workflow work using some functionality in
X = HDFS
Y = any application that gives access to HDFS data, for example Dataiku