[
https://issues.apache.org/jira/browse/RANGER-842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15142651#comment-15142651
]
Bolke de Bruin commented on RANGER-842:
---------------------------------------
[~rmani] I'm not sure what you are aiming at. This is an additional
authentication mechanism next to LDAP, AD, UNIX (by means of /etc/passwd). See
also #ranger-827. The way authentication works I am not interfering with and
was a design choice in Ranger. What do you mean by additional properties? If
what you are referring to is not replacing "UNIX /etc/passwd authentication"
with PAM then this is for backwards compatibility reasons. If something else
please elaborate.
This patch does not interfere with neither Kerberos or SSL.
On a side note: can someone explain me why the build fails? The logs do not
indicate much and locally it builds fine.
> Allow PAM for authentication
> ----------------------------
>
> Key: RANGER-842
> URL: https://issues.apache.org/jira/browse/RANGER-842
> Project: Ranger
> Issue Type: Improvement
> Components: admin
> Affects Versions: 0.5.1, 0.6.0
> Reporter: Bolke de Bruin
> Labels: authentication, security
> Fix For: 0.5.1, 0.6.0
>
> Attachments:
> 0001-Implements-ranger-admin-authentication-remote-and-na.patch
>
>
> Ranger currently uses shadow based authentication if configured for unix
> authentication. This way of authenticating is somewhat outdated as any recent
> Linux system (and many of the BSDs) have PAM available. PAM allows multiple
> authentication sources and also does authorization.
> Ranger should be able to use PAM for authentication
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
