Return-Path: 
 <dev-return-70091-apmail-ambari-dev-archive=ambari.apache.org@ambari.apache.org>
X-Original-To: apmail-ambari-dev-archive@www.apache.org
Delivered-To: apmail-ambari-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id AFD48173F4
	for <apmail-ambari-dev-archive@www.apache.org>;
 Wed,  6 May 2015 18:23:01 +0000 (UTC)
Received: (qmail 86466 invoked by uid 500); 6 May 2015 18:23:01 -0000
Delivered-To: apmail-ambari-dev-archive@ambari.apache.org
Received: (qmail 86430 invoked by uid 500); 6 May 2015 18:23:01 -0000
Mailing-List: contact dev-help@ambari.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@ambari.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@ambari.apache.org>
List-Post: <mailto:dev@ambari.apache.org>
List-Id: <dev.ambari.apache.org>
Reply-To: dev@ambari.apache.org
Delivered-To: mailing list dev@ambari.apache.org
Received: (qmail 86385 invoked by uid 99); 6 May 2015 18:23:01 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 May 2015 18:23:01 +0000
Date: Wed, 6 May 2015 18:23:01 +0000 (UTC)
From: "Robert Levas (JIRA)" <jira@apache.org>
To: dev@ambari.apache.org
Message-ID: <JIRA.12781015.1426027149000.26822.1430936581452@Atlassian.JIRA>
In-Reply-To: <JIRA.12781015.1426027149000@Atlassian.JIRA>
References: <JIRA.12781015.1426027149000@Atlassian.JIRA>
 <JIRA.12781015.1426027149237@arcas>
Subject: [jira] [Updated] (AMBARI-10018) Kerberos: Password generator needs
 to generate passwords based on rules to satisfy password policy
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/AMBARI-10018?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Levas updated AMBARI-10018:
----------------------------------
    Attachment: AMBARI-10018_02.patch

Moved secure password creation to a separate class so it may be reused.

Patch File [^AMBARI-10018_02.patch]

> Kerberos: Password generator needs to generate passwords based on rules to satisfy password policy
> --------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-10018
>                 URL: https://issues.apache.org/jira/browse/AMBARI-10018
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos
>             Fix For: 2.1.0
>
>         Attachments: AMBARI-10018_01.patch, AMBARI-10018_02.patch
>
>
> The password generator used to generate passwords for identities needs to generate passwords based on a rule set rather than just a random sequence of characters. 
> In a KDC (MIT or Active Directory), there may be a policy in place requiring a certain characteristics for the password. By creating a password consisting if 18 characters pulled randomly from {{abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890?.!$%^*()-_+=~}}, there is no guarantee that any specific policy will be met. 
> The following rules should be settable:
> * Length
> * Minimum number of lowercase letters (a-z)
> * Minimum number of uppercase letters (A-Z)
> * Minimum number of digits (0-9)
> * Minimum number of punctuation characters ({{?.!$%^*()-_+=~}})



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)