[
https://issues.apache.org/jira/browse/RANGER-842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15143173#comment-15143173
]
Ramesh Mani commented on RANGER-842:
------------------------------------
[~bolke] what I meant was ranger admin users properties in
ranger-admin-default-site.xml and ranger-admin-site.xml ->
ranger.authentication.method to define which kind of authentication is used.
when PAM is in place we just change this property to "PAM" and this should take
care of the authentication via "PAM", I wanted some writeup on how to test this
mechanism if I need to do.
Also regarding kerberos, I see that PAM can be configured with Kerberos and if
its done like that we don't need any addition parameters in ranger-admin to
handle this?
> Allow PAM for authentication
> ----------------------------
>
> Key: RANGER-842
> URL: https://issues.apache.org/jira/browse/RANGER-842
> Project: Ranger
> Issue Type: Improvement
> Components: admin
> Affects Versions: 0.5.1, 0.6.0
> Reporter: Bolke de Bruin
> Labels: authentication, security
> Fix For: 0.5.1, 0.6.0
>
> Attachments:
> 0001-Implements-ranger-admin-authentication-remote-and-na.patch
>
>
> Ranger currently uses shadow based authentication if configured for unix
> authentication. This way of authenticating is somewhat outdated as any recent
> Linux system (and many of the BSDs) have PAM available. PAM allows multiple
> authentication sources and also does authorization.
> Ranger should be able to use PAM for authentication
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
