You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Hudson (JIRA)" <ji...@apache.org> on 2018/01/31 00:06:00 UTC

[jira] [Commented] (AMBARI-22876) Disable consecutive authentication failure account lockout feature by default

    [ https://issues.apache.org/jira/browse/AMBARI-22876?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16346021#comment-16346021 ] 

Hudson commented on AMBARI-22876:
---------------------------------

SUCCESS: Integrated in Jenkins build Ambari-trunk-Commit #8659 (See [https://builds.apache.org/job/Ambari-trunk-Commit/8659/])
[AMBARI-22876] Disable consecutive authentication failure account (rlevas: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=130fbbfeba64cd33e037485041f8fb963c32c036])
* (edit) ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
* (edit) ambari-server/src/test/java/org/apache/ambari/server/security/authentication/pam/AmbariPamAuthenticationProviderTest.java
* (edit) ambari-server/docs/configuration/index.md
* (edit) ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java


> Disable consecutive authentication failure account lockout feature by default
> -----------------------------------------------------------------------------
>
>                 Key: AMBARI-22876
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22876
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.7.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>            Priority: Major
>              Labels: authentication, pull-request-available
>             Fix For: 2.7.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Disable consecutive authentication failure account lockout feature by default. This feature locks an account after a configured number of failed authentication attempts. By defaulting {{authentication.local.max.failures}} to {{0}}, this feature will be disabled by default.
> If enabled, a user account may be locked out due to number of authentication failures. There is a REST API call to unlock the user; however a user interface change will not be available until Ambari 3.x.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)