Robert Levas created AMBARI-22747:
-------------------------------------
Summary: Loosely handle users authenticating from remote sources
(LDAP, PAM, etc)
Key: AMBARI-22747
URL: https://issues.apache.org/jira/browse/AMBARI-22747
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 3.0.0
Reporter: Robert Levas
Assignee: Robert Levas
Fix For: 3.0.0
Loosely handle users authenticating from remote sources (LDAP, PAM, etc) such
that minimal information is store in the Ambari database, relying on
information from the remote sources to provide details like group membership
and username.
Group membership, consecutive authentication failure count, and etc... should
not be stored in the Ambari database for user accounts that are not
authenticated locally.
To do this, convert the {{users}} table into the following tables:
*user*
* user_id (primary key)
* principal_id (foreign key to adminprincipal table)
* user_name
* authentication_source (LOCAL, LDAP, PAM)
* active_widget_layouts
* create_time
*local_user_authentication*
* user_id (foreign key to user table)
* password
* active
* consecutive_failures
* create_time
* update_time
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
