You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/04/29 20:28:06 UTC

[jira] [Updated] (AMBARI-10018) Kerberos: Password generator needs to generate passwords based on a pattern

     [ https://issues.apache.org/jira/browse/AMBARI-10018?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Levas updated AMBARI-10018:
----------------------------------
    Description: 
The password generator used to generate passwords for identities needs to generate passwords based on a rule set rather than just a random sequence of characters. 

In a KDC (MIT or Active Directory), there may be a policy in place requiring a certain characteristics for the password. By creating a password consisting if 18 characters pulled randomly from {{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}}, there is no guarantee that any specific policy will be met. 

The following rules should be settable:
* Minimum length
* Minimum number of lowercase letters (a-z)
* Minimum number of uppercase letters (A-Z)
* Minimum number of digits (0-9)
* Minimum number of punctuation characters ({{?.!$%^*()-_+=~}})

  was:
The password generator used to generate passwords for identities needs to generate passwords based on a pattern rather than just a random sequence of characters. 

For the MIT KDC, this isn't an issue; however for an Active Directory, there may be a policy in place requiring a certain characteristics for the password. By creating a password consisting if 18 characters pulled randomly from {{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}}, there is no guarantee that any specific policy will be met. 



> Kerberos: Password generator needs to generate passwords based on a pattern
> ---------------------------------------------------------------------------
>
>                 Key: AMBARI-10018
>                 URL: https://issues.apache.org/jira/browse/AMBARI-10018
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos
>             Fix For: 2.1.0
>
>
> The password generator used to generate passwords for identities needs to generate passwords based on a rule set rather than just a random sequence of characters. 
> In a KDC (MIT or Active Directory), there may be a policy in place requiring a certain characteristics for the password. By creating a password consisting if 18 characters pulled randomly from {{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}}, there is no guarantee that any specific policy will be met. 
> The following rules should be settable:
> * Minimum length
> * Minimum number of lowercase letters (a-z)
> * Minimum number of uppercase letters (A-Z)
> * Minimum number of digits (0-9)
> * Minimum number of punctuation characters ({{?.!$%^*()-_+=~}})



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)