You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2018/01/08 14:02:00 UTC

[jira] [Created] (AMBARI-22747) Loosely handle users authenticating from remote sources (LDAP, PAM, etc)

Robert Levas created AMBARI-22747:
-------------------------------------

             Summary: Loosely handle users authenticating from remote sources (LDAP, PAM, etc)
                 Key: AMBARI-22747
                 URL: https://issues.apache.org/jira/browse/AMBARI-22747
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 3.0.0
            Reporter: Robert Levas
            Assignee: Robert Levas
             Fix For: 3.0.0


Loosely handle users authenticating from remote sources (LDAP, PAM, etc) such that minimal information is store in the Ambari database, relying on information from the remote sources to provide details like group membership and username.

Group membership, consecutive authentication failure count, and etc... should not be stored in the Ambari database for user accounts that are not authenticated locally. 

To do this, convert the {{users}} table into the following tables:

*user*
* user_id  (primary key)
* principal_id (foreign key to adminprincipal table)
* user_name
* authentication_source (LOCAL, LDAP, PAM)
* active_widget_layouts
* create_time

*local_user_authentication*
* user_id (foreign key to user table)
* password
* active
* consecutive_failures
* create_time
* update_time




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)