ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henning Kropp (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-17708) Support PAM Authentication
Date Thu, 14 Jul 2016 12:22:20 GMT
Henning Kropp created AMBARI-17708:
--------------------------------------

             Summary: Support PAM Authentication
                 Key: AMBARI-17708
                 URL: https://issues.apache.org/jira/browse/AMBARI-17708
             Project: Ambari
          Issue Type: New Feature
          Components: ambari-server
    Affects Versions: trunk
            Reporter: Henning Kropp
            Assignee: Henning Kropp


LDAP is complicated and needs careful configuration especially if synchronizing with a local
users repository. It can even get more complex, when trying to support users from multiple
domains, which is not supported by Ambari right now.

Tools like SSSD, Winbind, Quest, Centrify, ... do a good job of integrating complex LDAP/AD
environments to Unix/Linux based systems using PAM.

Using PAM in Ambari could potentials simplify user authentication a lot.

As users synchronization would not be required anymore, users would need to be created at
first log in. This can be borrowed from the newly implemented JWT authentication.

Other projects using PAM authentication:
(In Hadoop Knox) https://issues.apache.org/jira/browse/KNOX-537
(With Spring Auth) https://github.com/ImmobilienScout24/yum-repo-server/blob/master/src/main/java/de/is24/infrastructure/gridfs/http/security/PamAuthenticationProvider.java



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message