You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Hudson (JIRA)" <ji...@apache.org> on 2018/02/16 13:15:08 UTC

[jira] [Commented] (AMBARI-20768) Local Ambari user with no cluster role must not be able to access Logsearch UI

    [ https://issues.apache.org/jira/browse/AMBARI-20768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16367148#comment-16367148 ] 

Hudson commented on AMBARI-20768:
---------------------------------

FAILURE: Integrated in Jenkins build Ambari-trunk-Commit #8744 (See [https://builds.apache.org/job/Ambari-trunk-Commit/8744/])
AMBARI-20768. Local Ambari user with no cluster role must not be able to (aonishuk: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=c8de2d07191c014504111a1d55db259d250fbef5])
* (edit) ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java


> Local Ambari user with no cluster role must not be able to access Logsearch UI
> ------------------------------------------------------------------------------
>
>                 Key: AMBARI-20768
>                 URL: https://issues.apache.org/jira/browse/AMBARI-20768
>             Project: Ambari
>          Issue Type: Bug
>          Components: logsearch
>    Affects Versions: trunk, 2.5.0
>            Reporter: Keta Patel
>            Assignee: Keta Patel
>            Priority: Major
>             Fix For: 2.5.1
>
>         Attachments: AMBARI-20768_branch-2.5.0.patch, AMBARI-20768_branch-2.5_updated.patch, all_tests_successful.png
>
>
> A local Ambari user with no cluster roles assigned to it can successfully log into the Logsearch UI.
> Logsearch service exercises restriction on who can access its UI using a property "logsearch.roles.allowed". This property is a comma-separated list of roles to be allowed access to Logsearch UI. This defect deals with the following issue:
> 1. If Logsearch service requires that only certain roles be allowed to access its UI, then a local Ambari user with no roles must not be allowed to access the UI.
> DESIRED BEHAVIOR:
> =================
> 1. A local user with no role assigned to it, must not be able to access Logsearch UI.
> Note: The description has been updated by removing the aspect of correcting the behavior for Ambari Administrator role for the Logsearch UI.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)