[jira] [Commented] (AMBARI-17383) User names should be case insensitive

Fri, 22 Jul 2016 17:27:49 -0700 

    [ 
https://issues.apache.org/jira/browse/AMBARI-17383?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15390408#comment-15390408
 ] 

Tuong Truong commented on AMBARI-17383:
---------------------------------------

Hi [~smnaha], [~sumitmohanty] [~rlevas], we just tripped over this JIRA while 
trying to test our PAM integration implementation 
(https://issues.apache.org/jira/browse/AMBARI-12263).    Previous JIRA to make 
Ambari UI case-sensitive (https://issues.apache.org/jira/browse/AMBARI-13997) 
was not fully complete which causde an error reported in AMBARI-17359.   I feel 
we should have addressed AMBARI-17359 properly by complete the support for 
case-sensitive userid instead.

This JIRA has reverted the case-sensitivity support, and while this change may 
be OK for Ambari private users, but OS users and other directory services 
(LDAP/AD) are typically case sensitive.   The case-insensitive support has 
created some inconsistency problems when integrating with PAM and even LDAP 
with granting permission to users in Ambari (since they are all lower-case).   
This is because admin and Admin will be mapped to admin.  So this open a 
potential for identity hijiack in term of the authority granting in Ambari.

I think we should revisit the decision of case insensitivity support.  What do 
you think?  We do have some customers requesting case-sensitivty support in 
Ambari. 

> User names should be case insensitive
> -------------------------------------
>
>                 Key: AMBARI-17383
>                 URL: https://issues.apache.org/jira/browse/AMBARI-17383
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.4.0
>            Reporter: Nahappan Somasundaram
>            Assignee: Nahappan Somasundaram
>            Priority: Critical
>             Fix For: 2.4.0
>
>         Attachments: rb49119 (1).patch
>
>
> User names should be case insensitive. The following usernames are the same:
> VIEWUSER
> viewUser
> viewuser
> Before adding a new user, a case sensitive search is made. Change this to 
> case insensitive. Additionally, store user names in the DB in lower case.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to