Posted to issues@ambari.apache.org by "Keta Patel (JIRA)" <ji...@apache.org> on 2017/04/18 05:22:41 UTC

[jira] [Commented] (AMBARI-20768) Local Ambari user with no cluster role must not be able to access Logsearch UI

    [ https://issues.apache.org/jira/browse/AMBARI-20768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15972140#comment-15972140 ] 

Keta Patel commented on AMBARI-20768:
-------------------------------------

The patch **AMBARI-20768.patch** contains the fix for this issue. The fix involves corrections in 2 places in the LogsearchExternalServerAuthenticationProvider class.
1. In order to prevent a local user with no cluster roles assigned to it from logging into Logsearch UI, we return **false**.
2. We implicitly check whether the user is an Ambari Administrator or not, thus removing the requirement of having the "AMBARI.ADMINISTRATOR" role in the "logsearch.roles.allowed" property on the UI. Now, even if some user removes the "AMBARI.ADMINISTRATOR" property from the UI, it will not affect the Ambari admin's accessibility to the Logsearch UI. Ambari Admins will always be allowed to log in.

The results of the logsearch tests after applying the patch are shown in the "all_tests_successful.png" screenshot.

> Local Ambari user with no cluster role must not be able to access Logsearch UI
> ------------------------------------------------------------------------------
>
>                 Key: AMBARI-20768
>                 URL: https://issues.apache.org/jira/browse/AMBARI-20768
>             Project: Ambari
>          Issue Type: Bug
>          Components: logsearch
>    Affects Versions: trunk, 2.5.0
>            Reporter: Keta Patel
>            Assignee: Keta Patel
>         Attachments: all_tests_successful.png, AMBARI-20768.patch
>
>
> A local Ambari user with no cluster roles assigned to it can successfully log into the Logsearch UI.
> Logsearch service exercises restriction on who can access its UI using a property "logsearch.roles.allowed". This property is a comma-separated list of roles to be allowed access to Logsearch UI. This defect deals with the following 2 issues:
> 1. If Logsearch service requires that only certain roles be allowed to access its UI, then a local Ambari user with no roles must not be allowed to access the UI.
> 2. If some user with privilege to edit the config properties updates "logsearch.roles.allowed" by removing the "AMBARI.ADMINISTRATOR" role from its list, then the Ambari Admins will not be able to access the Logsearch UI. This violates the Ambari Administrator privilege, which must be able to access all frames of the Ambari UI as well as perform all UI operations.
> DESIRED BEHAVIOR:
> =================
> 1. A local user with no role assigned to it must not be able to access the Logsearch UI.
> 2. Ambari Administrators must always be allowed to access the Logsearch UI. No user is allowed to revoke this access right of the Ambari Administrator for the Logsearch UI.
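The two corrections in the comment and the desired behaviour in the issue, modelled as an added example in Python rather than the project's Java (this is not code from the Ambari patch or from LogsearchExternalServerAuthenticationProvider). The User record, the function names, and the cluster role names other than "AMBARI.ADMINISTRATOR" are constructed for illustration.

```python
from collections import namedtuple

# Added example, not Ambari's own code: it models the Logsearch UI access
# decision described in AMBARI-20768. User, parse_roles_allowed and
# logsearch_access_allowed are illustrative names, not Ambari identifiers.
User = namedtuple("User", ["name", "is_ambari_admin", "cluster_roles"])


def parse_roles_allowed(property_value):
    """Parse the comma-separated 'logsearch.roles.allowed' property into a set,
    trimming whitespace and dropping empty entries ("CLUSTER.USER, " -> 1 role)."""
    if not property_value:
        return set()
    return {r.strip() for r in property_value.split(",") if r.strip()}


def logsearch_access_allowed(user, roles_allowed):
    """Decide whether `user` may log into the Logsearch UI.

    1. Ambari administrators are checked first and always allowed, so editing
       logsearch.roles.allowed cannot lock them out (fix #2 in the comment).
    2. A user with no cluster role is denied outright instead of slipping past
       the role comparison (fix #1 in the comment).
    3. Everyone else needs at least one role that appears in the property.
    """
    if user.is_ambari_admin:
        return True
    if not user.cluster_roles:
        return False
    return any(role in roles_allowed for role in user.cluster_roles)


# Constructed sample users covering the two desired behaviours from the issue;
# the CLUSTER.* role strings are sample values, not taken from the issue.
SAMPLE_USERS = [
    User("admin", True, []),                        # Ambari admin, no cluster role
    User("local_norole", False, []),                # local user, no cluster role
    User("operator", False, ["CLUSTER.OPERATOR"]),
    User("viewer", False, ["CLUSTER.USER"]),
]


def evaluate(property_value, users=SAMPLE_USERS):
    """Return {username: allowed} for a given logsearch.roles.allowed value."""
    allowed = parse_roles_allowed(property_value)
    return {u.name: logsearch_access_allowed(u, allowed) for u in users}
```

Removing "AMBARI.ADMINISTRATOR" from the property value changes nothing for the admin entry, while the role-less local user is denied under every property value.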



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)