You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2017/05/01 20:51:04 UTC

[jira] [Created] (AMBARI-20907) Create Database Schema for Improved User Account Management

Robert Levas created AMBARI-20907:
-------------------------------------

             Summary: Create Database Schema for Improved User Account Management
                 Key: AMBARI-20907
                 URL: https://issues.apache.org/jira/browse/AMBARI-20907
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 3.0.0
            Reporter: Robert Levas
            Assignee: Robert Levas
            Priority: Critical
             Fix For: 3.0.0


User management tables in the DB should be:

*{{users}}*
||Name||Type||Description||
|user_id|INTEGER|Internal unique identifier|
|principal_id|INTEGER|Foreign key from adminprincipal table|
|user_name|VARCHAR|Unique, case-insensitive, login identifier expected to be used when logging into Ambari|
|create_time|TIMESTAMP|Creation time for this account in Ambari|
|active|BOOLEAN|Active/not active flag|
|consecutive_failed_auth_attemps|INTEGER|The number a failed authorization attempts since the last successful authentication|
|active_widgets_layout|VARCHAR| |
|display_name|VARCHAR|Cosmetic name value to show the user in user interfaces|
|local_username|VARCHAR|Case-sensitive username to use when impersonating user in facilities like Ambari Views|
* Primary Key: {{user_id
* Foreign Key: {{principal_id}} -> {{adminprincipal.principal_id}}

*{{user_authentication}}*
||Name||Type||Description||
|user_authentication_id|INTEGER|Primary key for this table|
|user_id|INTEGER|Foreign key from users table|
|type|VARCHAR|Type of authentication system - LOCAL, LDAP,  KERBEROS, JTW, PAM, etc...
|key|VARCHAR|Type-specific key (or identifier):
* LOCAL: the user's password (digest)
* LDAP: the user’s distinguished name
* KERBEROS: the user’s principal
* etc...|
|create_time|TIMESTAMP|Creation time of this record
|update_time|TIMESTAMP|Update time for this record, can be used to enforce password retention times|
* Primary Key: {{user_authentication_id}}
* Foreign Key: {{user_id}} -> {{users.user_id}}




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)