This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Extending Authorization for Neo4j Enterprise

mdfrenchman
Graph Voyager

‎09-24-2021 06:47 AM

Can anyone tell me if the specific principal making a connection request to the graph is available in the AuthorizationPlugin.Adapter.authorize method?

From what I can tell, It's a collection of all principals and providers. I'm not sure if that collection is for the whole server or what the context of it is.

If anyone can point me to documentation on it that'd be much appreciated.

Thanks,
Mike

0 Kudos
Reply
2 REPLIES 2

olivia_ytterbri
Neo4j
Neo4j

‎09-29-2021 04:00 AM

The Collection<PrincipalAndProvider> in authorize contains the principal and the name of authentication provider that has been used e.g [(native, "mike"), (ldap, "mike")].
So if your plugin only should do authorization when the user has been authenticated through a specific authentication provider, you could check that here.
The documentation around this that I know of is at Authentication and authorization plugins - Neo4j Java Reference

0 Kudos
Reply

mdfrenchman
Graph Voyager
In response to olivia_ytterbri

‎09-29-2021 08:47 AM

Thanks Olivia! I can confirm this is what was occurring and limited the logic needed to key off the provider. Setting the auth_ttl setting in the neo4j.config made this a bit easier to figure out through testing.

0 Kudos
Reply
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online

Watch replays