You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2017/04/26 19:12:04 UTC
[jira] [Updated] (AMBARI-20864) FE: Update User Management View to
Manage New Data
[ https://issues.apache.org/jira/browse/AMBARI-20864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-20864:
----------------------------------
Description:
Update the User Management view to manage new data associated with user accounts.
Each user account will have the following _general_ data fields:
* username (essentially the unique user id)
* active/inactive
* locked/unlocked (read-only, based on whether the number of failed authentication attempts exceeds some configured value or not)
* display name (the name to show in user interfaces or messages)
* local username (the username to use when using Views or services)
Each user account will include a set of authentication _sources_: LOCAL, LDAP, KERBEROS, PAM, etc... Each source, though linked to the same user can be managed separately and specifically depending on the type:
*LOCAL*
* One only one LOCAL authentication source is allowed.
* Ambari Administrators should be able to add and modify this source by setting the "local" password.
* The user should be able to change the password (if the source is available)
*LDAP*
* Multiple LDAP sources may be available - used to represent the same user found in multiple places in the LDAP tree (or forrest). See [AMBARI-15554|https://issues.apache.org/jira/browse/AMBARI-15554].
* Ambari Administrators should be able to add and modify this source by setting the user's distinguished name (DN). However, the admin should be warned that incorrectly setting this value will result in authentication failures.
* Adding entries for this source should be available if and only Ambari is configured to allow LDAP authentication
* A user may not alter these entries
*KERBEROS*
* Multiple KERBEROS sources may be available - used to represent the same user with multiple Kerberos identities.
* Ambari Administrators should be able to add and modify this source by setting the user's principal name. However, the admin should be warned that incorrectly setting this value will result in authentication failures.
* Adding entries for this source should be available if and only Ambari is configured to allow Kerberos authentication
* A user may not alter these entries
*PAM*
* Not yet fully supported, more information is needed
was:
Update the User Management view to display new data associated with user accounts.
Each user account will have the following _general_ data fields:
* username (essentially the unique user id)
* active/inactive
* locked/unlocked (read-only, based on whether the number of failed authentication attempts exceeds some configured value or not)
* display name (the name to show in user interfaces or messages)
* local username (the username to use when using Views or services)
Each user account will include a set of authentication _sources_: LOCAL, LDAP, KERBEROS, PAM, etc... Each source, though linked to the same user can be managed separately and specifically depending on the type:
*LOCAL*
* One only one LOCAL authentication source is allowed.
* Ambari Administrators should be able to add and modify this source by setting the "local" password.
* The user should be able to change the password (if the source is available)
*LDAP*
* Multiple LDAP sources may be available - used to represent the same user found in multiple places in the LDAP tree (or forrest). See [AMBARI-15554|https://issues.apache.org/jira/browse/AMBARI-15554].
* Ambari Administrators should be able to add and modify this source by setting the user's distinguished name (DN). However, the admin should be warned that incorrectly setting this value will result in authentication failures.
* Adding entries for this source should be available if and only Ambari is configured to allow LDAP authentication
* A user may not alter these entries
*KERBEROS*
* Multiple KERBEROS sources may be available - used to represent the same user with multiple Kerberos identities.
* Ambari Administrators should be able to add and modify this source by setting the user's principal name. However, the admin should be warned that incorrectly setting this value will result in authentication failures.
* Adding entries for this source should be available if and only Ambari is configured to allow Kerberos authentication
* A user may not alter these entries
*PAM*
* Not yet fully supported, more information is needed
> FE: Update User Management View to Manage New Data
> ---------------------------------------------------
>
> Key: AMBARI-20864
> URL: https://issues.apache.org/jira/browse/AMBARI-20864
> Project: Ambari
> Issue Type: Task
> Components: ambari-web
> Affects Versions: 3.0.0
> Reporter: Robert Levas
> Assignee: Yusaku Sako
> Fix For: 3.0.0
>
>
> Update the User Management view to manage new data associated with user accounts.
> Each user account will have the following _general_ data fields:
> * username (essentially the unique user id)
> * active/inactive
> * locked/unlocked (read-only, based on whether the number of failed authentication attempts exceeds some configured value or not)
> * display name (the name to show in user interfaces or messages)
> * local username (the username to use when using Views or services)
> Each user account will include a set of authentication _sources_: LOCAL, LDAP, KERBEROS, PAM, etc... Each source, though linked to the same user can be managed separately and specifically depending on the type:
> *LOCAL*
> * One only one LOCAL authentication source is allowed.
> * Ambari Administrators should be able to add and modify this source by setting the "local" password.
> * The user should be able to change the password (if the source is available)
> *LDAP*
> * Multiple LDAP sources may be available - used to represent the same user found in multiple places in the LDAP tree (or forrest). See [AMBARI-15554|https://issues.apache.org/jira/browse/AMBARI-15554].
> * Ambari Administrators should be able to add and modify this source by setting the user's distinguished name (DN). However, the admin should be warned that incorrectly setting this value will result in authentication failures.
> * Adding entries for this source should be available if and only Ambari is configured to allow LDAP authentication
> * A user may not alter these entries
> *KERBEROS*
> * Multiple KERBEROS sources may be available - used to represent the same user with multiple Kerberos identities.
> * Ambari Administrators should be able to add and modify this source by setting the user's principal name. However, the admin should be warned that incorrectly setting this value will result in authentication failures.
> * Adding entries for this source should be available if and only Ambari is configured to allow Kerberos authentication
> * A user may not alter these entries
> *PAM*
> * Not yet fully supported, more information is needed
>
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)