ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-13765) Encrypted value of the password is changed even when the value is not changed by the user
Date Fri, 06 Nov 2015 17:24:11 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-13765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14994023#comment-14994023
] 

Hudson commented on AMBARI-13765:
---------------------------------

FAILURE: Integrated in Ambari-trunk-Commit #3784 (See [https://builds.apache.org/job/Ambari-trunk-Commit/3784/])
AMBARI-13765. Encrypted value of the password is changed even when the (onechiporenko: [http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=a8a2387428393715890e322b3ba03d8787fe7920])
* ambari-web/app/views/common/controls_view.js
* ambari-web/app/mixins/common/configs/configs_saver.js
* ambari-web/app/mixins/common/configs/configs_comparator.js
* ambari-web/app/views/common/configs/config_history_flow.js
* ambari-web/app/templates/common/configs/save_configuration.hbs
* ambari-web/app/models/configs/objects/service_config_property.js
* ambari-web/test/controllers/main/service/info/config_test.js
* ambari-web/app/messages.js
* ambari-web/test/models/configs/objects/service_config_property_test.js
* ambari-web/app/controllers/main/service/info/configs.js


> Encrypted value of the password is changed even when the value is not changed by the
user
> -----------------------------------------------------------------------------------------
>
>                 Key: AMBARI-13765
>                 URL: https://issues.apache.org/jira/browse/AMBARI-13765
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-web
>    Affects Versions: 2.1.3
>            Reporter: Oleg Nechiporenko
>            Assignee: Oleg Nechiporenko
>            Priority: Critical
>             Fix For: 2.1.3
>
>         Attachments: AMBARI-13765.patch, AMBARI-13765_branch-2.1.patch
>
>
> *STR:*
> # Deploy Ranger service with default settings
> # After installation go to Ranger->config->Ranger User Info page
> # Change "Enable User Sync" toggle to "Yes"
> # Save the configuration. This will create another config version for Ranger
> # Compare current config version with the presious one
> # Apart from "Enable User Sync" property change which belongs to ranger-ugsync-site.xml,
all other properties which are marked as PASSWORD type in  ranger-ugsync-site.xml are changed
and appears in the compare view of the config versions.
> *Fix:*
> 0) Do not show password fields in compare view (mask them out, since they would always
be a difference even if there was no change).
> 1) In the Ambari Web UI, on any password tooltip, append "\<br\>For security purposes,
password changes will not be shown in configuration version comparisons"
> 2) When someone goes to save a config version, in the Save Configuration dialog, IF the
change includes a password change, include this "This configuration change includes a password
change. The password change will be saved but for security purposes, password changes will
not be shown in configuration version comparisons."
> 3) The Notes field should be pre-filled with "Password change" if there is a password
change.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message