You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2018/01/08 14:02:00 UTC
[jira] [Created] (AMBARI-22747) Loosely handle users authenticating
from remote sources (LDAP, PAM, etc)
Robert Levas created AMBARI-22747:
-------------------------------------
Summary: Loosely handle users authenticating from remote sources (LDAP, PAM, etc)
Key: AMBARI-22747
URL: https://issues.apache.org/jira/browse/AMBARI-22747
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 3.0.0
Reporter: Robert Levas
Assignee: Robert Levas
Fix For: 3.0.0
Loosely handle users authenticating from remote sources (LDAP, PAM, etc) such that minimal information is store in the Ambari database, relying on information from the remote sources to provide details like group membership and username.
Group membership, consecutive authentication failure count, and etc... should not be stored in the Ambari database for user accounts that are not authenticated locally.
To do this, convert the {{users}} table into the following tables:
*user*
* user_id (primary key)
* principal_id (foreign key to adminprincipal table)
* user_name
* authentication_source (LOCAL, LDAP, PAM)
* active_widget_layouts
* create_time
*local_user_authentication*
* user_id (foreign key to user table)
* password
* active
* consecutive_failures
* create_time
* update_time
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)