You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2018/01/18 20:08:00 UTC

[jira] [Resolved] (AMBARI-20860) BE: Improve User Account Management

     [ https://issues.apache.org/jira/browse/AMBARI-20860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Levas resolved AMBARI-20860.
-----------------------------------
    Resolution: Fixed

> BE: Improve User Account Management 
> ------------------------------------
>
>                 Key: AMBARI-20860
>                 URL: https://issues.apache.org/jira/browse/AMBARI-20860
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>    Affects Versions: 3.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>            Priority: Major
>              Labels: authentication, security
>             Fix For: 3.0.0
>
>
> Update the backend for improved user management.  
> User management tables in the DB should be:
> *{{users}}*
> ||Name||Type||Description||
> |user_id|INTEGER|Internal unique identifier|
> |principal_id|INTEGER|Foreign key from adminprincipal table|
> |user_name|VARCHAR|Unique, case-insensitive, login identifier expected to be used when logging into Ambari|
> |create_time|TIMESTAMP|Creation time for this account in Ambari|
> |active|BOOLEAN|Active/not active flag|
> |consecutive_failed_auth_attemps|INTEGER|The number a failed authorization attempts since the last successful authentication|
> |active_widgets_layout|VARCHAR| |
> |display_name|VARCHAR|Cosmetic name value to show the user in user interfaces|
> |local_username|VARCHAR|Case-sensitive username to use when impersonating user in facilities like Ambari Views|
> * Primary Key: {{user_id}}
> * Foreign Key: {{principal_id}} -> {{adminprincipal.principal_id}}
> *{{user_authentication}}*
> ||Name||Type||Description||
> |user_authentication_id|INTEGER|Primary key for this table|
> |user_id|INTEGER|Foreign key from users table|
> |authentication_type|VARCHAR|Type of authentication system - LOCAL, LDAP,  KERBEROS, JTW, PAM, etc...
> |authentication_key|VARCHAR|Type-specific key (or identifier):
> * LOCAL: the user's password (digest)
> * LDAP: the user’s distinguished name
> * KERBEROS: the user’s principal
> * etc...|
> |create_time|TIMESTAMP|Creation time of this record
> |update_time|TIMESTAMP|Update time for this record, can be used to enforce password retention times|
> * Primary Key: {{user_authentication_id}}
> * Foreign Key: {{user_id}} -> {{users.user_id}}
> Java code needs to change accordingly.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)