Hitachi Content Platform​

 View Only

 Using HCP HS3 with AD Authentication

  • General
  • Development
  • Object Storage
  • Hitachi Content Platform HCP
Data Conversion's profile image
Data Conversion posted 10-30-2018 22:27

HCP Documentation states that we can use Active Directory accounts for HS3 authentication by passing HTTP Header

Active Directory authentication

To provide credentials for Active Directory authentication, you use the Authorization request header with a value in the format shown below:

Authorization: AD ad-username:ad-password

In this format:

•ad-username is the AD user account username.

•ad-password is the AD user account password.

Here’s an example of an Authorization header for AD authentication:

Authorization: AD mailto:lgreen@example.com:p4sswOrd

AWS Java SDK allows me to add custom headers, so I'm ok here, but SDK still expects me to pass Basic AWS authentication information. If I use empty or random string - I get this error:

com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain 

        at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)

So how do I tell AWS Java SDK to use AD Authorization header only and do not pass any AWS authentication data?

Thank you!


#HitachiContentPlatformHCP
#Development
Data Conversion's profile image
Data Conversion posted 10-31-2018 02:59

What I'm thinking about is to make Anonymous AWS call, but supplying "Authorization: AD mailto:user@domain.com" HTTP header.

Benjamin Clifford's profile image
Benjamin Clifford posted 11-01-2018 19:58

Hi Aleks, thank you for asking this question. I have been meaning to post a message to the community about this and your question was the motivation I needed. We introduced the capability to do exactly what you are asking with HCP 8.0. Please see the linked blog post for a working code example: Use Active Directory Credentials with HCP and the AWS Java SDK: A Working Example

Data Conversion's profile image
Data Conversion posted 11-01-2018 20:42

Thank you Ben!

Aleksandr Rainchik's profile image
Aleksandr Rainchik posted 01-15-2021 16:09

Benjamin, that link for "Use Active Directory Credentials with HCP and the AWS Java SDK: A Working Example" is not working anymore.

 

Do you have different link you can share?

 

Thank you!

Aleksandr Rainchik's profile image
Aleksandr Rainchik posted 01-15-2021 16:17

Updated link:

 

https://community.hitachivantara.com/s/article/use-active-directory-credentials-with-hcp-and-the-aws-java-sdk-a-working-example/

Benjamin Clifford's profile image
Benjamin Clifford posted 01-15-2021 16:28

I see you found it. Take care.

Related Content