[
https://issues.apache.org/jira/browse/AMBARI-10018?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Levas updated AMBARI-10018:
----------------------------------
Description:
The password generator used to generate passwords for identities needs to
generate passwords based on a rule set rather than just a random sequence of
characters.
In a KDC (MIT or Active Directory), there may be a policy in place requiring a
certain characteristics for the password. By creating a password consisting if
18 characters pulled randomly from
{{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}},
there is no guarantee that any specific policy will be met.
The following rules should be settable:
* Minimum length
* Minimum number of lowercase letters (a-z)
* Minimum number of uppercase letters (A-Z)
* Minimum number of digits (0-9)
* Minimum number of punctuation characters ({{?.!$%^*()-_+=~}})
was:
The password generator used to generate passwords for identities needs to
generate passwords based on a pattern rather than just a random sequence of
characters.
For the MIT KDC, this isn't an issue; however for an Active Directory, there
may be a policy in place requiring a certain characteristics for the password.
By creating a password consisting if 18 characters pulled randomly from
{{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}},
there is no guarantee that any specific policy will be met.
> Kerberos: Password generator needs to generate passwords based on a pattern
> ---------------------------------------------------------------------------
>
> Key: AMBARI-10018
> URL: https://issues.apache.org/jira/browse/AMBARI-10018
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.0.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Labels: kerberos
> Fix For: 2.1.0
>
>
> The password generator used to generate passwords for identities needs to
> generate passwords based on a rule set rather than just a random sequence of
> characters.
> In a KDC (MIT or Active Directory), there may be a policy in place requiring
> a certain characteristics for the password. By creating a password consisting
> if 18 characters pulled randomly from
> {{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}},
> there is no guarantee that any specific policy will be met.
> The following rules should be settable:
> * Minimum length
> * Minimum number of lowercase letters (a-z)
> * Minimum number of uppercase letters (A-Z)
> * Minimum number of digits (0-9)
> * Minimum number of punctuation characters ({{?.!$%^*()-_+=~}})
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
