This feature is available for Imply Druid 2.6.0 or greater
Step 1: Make sure to include
druid-basic-security as an extension.
Step 2: Also add following configs to the
druid.auth.authenticatorChain=["basic"] druid.auth.authenticator.basic.type=basic druid.auth.authenticator.basic.initialAdminPassword=priest druid.auth.authenticator.basic.initialInternalClientPassword=warlock druid.auth.authenticator.basic.authorizerName=basic druid.escalator.type=basic druid.escalator.internalClientUsername=druid_system druid.escalator.internalClientPassword=warlock druid.escalator.authorizerName=basic druid.auth.authorizers=["basic"] druid.auth.authorizer.basic.type=basic
When the extension is first loaded, it looks at these properties to determine what initial password to set for the `admin` user and the `druid_system` user. After that these properties do nothing
Both `admin` and `druid_system` have R/W * privileges, and are automatically created if an initial password is set for them. In our case, `priest` is the password for `admin` and `warlock` is for `druid_system`.
Step 3: Start the Druid cluster and you can now create and manager users:
[root@mf-amos263 extensions]# curl -u admin:priest -X POST http://localhost:8081/druid-ext/basic-security/authentication/db/basic/users/ocean [root@mf-amos263 extensions]# [root@mf-amos263 extensions]# curl -u admin:priest -X GET http://localhost:8081/druid-ext/basic-security/authentication/db/basic/users/ ["admin","druid_system","ocean"] [root@mf-amos263 extensions]# [root@mf-amos263 extensions]# curl -u druid_system:warlock -X GET http://localhost:8081/druid-ext/basic-security/authentication/db/basic/users/
To further managing the users and their roles, please refer to: https://docs.imply.io/cloud/deploy/security#managing-druid-api-users
For other functions in
druid-basic-security, please check reference.