[ https://issues.apache.org/jira/browse/AMBARI-20860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-20860: ---------------------------------- Description: Update the backend for improved user management. User management tables in the DB should be: *{{users}}* ||Name||Type||Description|| |user_id|INTEGER|Internal unique identifier| |principal_id|INTEGER|Foreign key from adminprincipal table| |user_name|VARCHAR|Unique, case-insensitive, login identifier expected to be used when logging into Ambari| |create_time|TIMESTAMP|Creation time for this account in Ambari| |active|BOOLEAN|Active/not active flag| |consecutive_failed_auth_attemps|INTEGER|The number a failed authorization attempts since the last successful authentication| |active_widgets_layout|VARCHAR| | |display_name|VARCHAR|Cosmetic name value to show the user in user interfaces| |local_username|VARCHAR|Case-sensitive username to use when impersonating user in facilities like Ambari Views| * Primary Key: {{user_id * Foreign Key: {{principal_id}} -> {{adminprincipal.principal_id}} *{{user_authentication_local}}* ||Name||Type||Description|| |user_id|INTEGER|Foreign key from user table| |password|VARCHAR| | |create_time|TIMESTAMP|Creation time of this record |update_time|TIMESTAMP|Update time for this record, can be used to enforce password retention times| * Primary Key: {{user_id}} * Foreign Key: {{user_id}} -> {{users.user_id}} *{{user_authentication_remote}}* ||Name||Type||Description|| |type|VARCHAR|Type of remote system - LDAP, KERBEROS, JTW, PAM, etc... |remote_id|VARCHAR|Type-specific remote identifier: * LDAP: the user’s distinguished name * KERBEROS: the user’s principal * etc...| |user_id|INTEGER|Foreign key from user table| |create_time|TIMESTAMP|Creation time of this record| * Primary Key: {{type}}, {{remote_id}} * Foreign Key: {{user_id}} -> {{users.user_id}} Java code needs to change accordingly. was: Update the backend for improved user management. User management tables in the DB should be: *{{users}}* ||Name||Type||Description|| |user_id|INTEGER|Internal unique identifier| |principal_id|INTEGER|Foreign key from adminprincipal table| |user_name|VARCHAR|Unique, case-insensitive, login identifier expected to be used when logging into Ambari| |create_time|TIMESTAMP|Creation time for this account in Ambari| |active|BOOLEAN|Active/not active flag| |consecutive_failed_auth_attemps|INTEGER|The number a failed authorization attempts since the last successful authentication| |active_widgets_layout|VARCHAR|| |display_name|VARCHAR|Cosmetic name value to show the user in user interfaces| |local_username|VARCHAR|Case-sensitive username to use when impersonating user in facilities like Ambari Views| * Primary Key: {{user_id * Foreign Key: {{principal_id}} -> {{adminprincipal.principal_id}} *{{user_authentication_local}}* ||Name||Type||Description|| |user_id|INTEGER|Foreign key from user table| |password|VARCHAR|| |create_time|TIMESTAMP|Creation time of this record |update_time|TIMESTAMP|Update time for this record, can be used to enforce password retention times| * Primary Key: {{user_id}} * Foreign Key: {{user_id}} -> {{users.user_id}} *{{user_authentication_remote}}* ||Name||Type||Description|| |type|VARCHAR|Type of remote system - LDAP, KERBEROS, JTW, PAM, etc... |remote_id|VARCHAR|Type-specific remote identifier: * LDAP: the user’s distinguished name * KERBEROS: the user’s principal * etc...| |user_id|INTEGER|Foreign key from user table| |create_time|TIMESTAMP|Creation time of this record| * Primary Key: {{type}}, {{remote_id}} * Foreign Key: {{user_id}} -> {{users.user_id}} Java code needs to change accordingly. > BE: Improve User Account Management > ------------------------------------ > > Key: AMBARI-20860 > URL: https://issues.apache.org/jira/browse/AMBARI-20860 > Project: Ambari > Issue Type: Task > Components: ambari-server > Affects Versions: 3.0.0 > Reporter: Robert Levas > Assignee: Robert Levas > Labels: authentication, security > Fix For: 3.0.0 > > > Update the backend for improved user management. > User management tables in the DB should be: > *{{users}}* > ||Name||Type||Description|| > |user_id|INTEGER|Internal unique identifier| > |principal_id|INTEGER|Foreign key from adminprincipal table| > |user_name|VARCHAR|Unique, case-insensitive, login identifier expected to be > used when logging into Ambari| > |create_time|TIMESTAMP|Creation time for this account in Ambari| > |active|BOOLEAN|Active/not active flag| > |consecutive_failed_auth_attemps|INTEGER|The number a failed authorization > attempts since the last successful authentication| > |active_widgets_layout|VARCHAR| | > |display_name|VARCHAR|Cosmetic name value to show the user in user interfaces| > |local_username|VARCHAR|Case-sensitive username to use when impersonating > user in facilities like Ambari Views| > * Primary Key: {{user_id > * Foreign Key: {{principal_id}} -> {{adminprincipal.principal_id}} > *{{user_authentication_local}}* > ||Name||Type||Description|| > |user_id|INTEGER|Foreign key from user table| > |password|VARCHAR| | > |create_time|TIMESTAMP|Creation time of this record > |update_time|TIMESTAMP|Update time for this record, can be used to enforce > password retention times| > * Primary Key: {{user_id}} > * Foreign Key: {{user_id}} -> {{users.user_id}} > *{{user_authentication_remote}}* > ||Name||Type||Description|| > |type|VARCHAR|Type of remote system - LDAP, KERBEROS, JTW, PAM, etc... > |remote_id|VARCHAR|Type-specific remote identifier: > * LDAP: the user’s distinguished name > * KERBEROS: the user’s principal > * etc...| > |user_id|INTEGER|Foreign key from user table| > |create_time|TIMESTAMP|Creation time of this record| > * Primary Key: {{type}}, {{remote_id}} > * Foreign Key: {{user_id}} -> {{users.user_id}} > Java code needs to change accordingly. -- This message was sent by Atlassian JIRA (v6.3.15#6346)