ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emil Anca" <ea...@hortonworks.com>
Subject Re: Review Request 33742: Kerberos: Password generator needs to generate passwords based on rules to satisfy password policy
Date Mon, 04 May 2015 09:04:28 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/33742/#review82362
-----------------------------------------------------------

Ship it!



ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java
<https://reviews.apache.org/r/33742/#comment133096>

    Isn't this a feature we might reuse? If so we could provide a generically decribed interface
with #createSecurePassword and have the Kerb Oper Handler implement it to expose reuseable
functionality such as pass generation (or other features) to the non-kerberos code. Just a
thought;


- Emil Anca


On May 1, 2015, 1:02 a.m., Robert Levas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/33742/
> -----------------------------------------------------------
> 
> (Updated May 1, 2015, 1:02 a.m.)
> 
> 
> Review request for Ambari, Emil Anca, Jaimin Jetly, Robert Nettleton, and Yusaku Sako.
> 
> 
> Bugs: AMBARI-10018
>     https://issues.apache.org/jira/browse/AMBARI-10018
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> The password generator used to generate passwords for identities needs to generate passwords
based on a rule set rather than just a random sequence of characters. 
> 
> In a KDC (MIT or Active Directory), there may be a policy in place requiring a certain
characteristics for the password. By creating a password consisting if 18 characters pulled
randomly from `abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~`,
there is no guarantee that any specific policy will be met. 
> 
> The following rules should be settable:
> + Length
> + Minimum number of lowercase letters (`a-z`)
> + Minimum number of uppercase letters (`A-Z`)
> + Minimum number of digits (`0-9`)
> + Minimum number of punctuation characters (`?.!$%^*()-_+=~`)
> 
> 
> Diffs
> -----
> 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
f48c4cf 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java
13fb49b 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/DestroyPrincipalsServerAction.java
a215a56 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/FinalizeKerberosServerAction.java
4925582 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java
ed31ccf 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java
a92fb12 
>   ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
682d675 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.java
07094a7 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java
336090b 
>   ambari-web/app/data/HDP2/site_properties.js a35104e 
> 
> Diff: https://reviews.apache.org/r/33742/diff/
> 
> 
> Testing
> -------
> 
> Manual testing
> 
> **Jenkins test results: PENDING**
> 
> 
> Thanks,
> 
> Robert Levas
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message