Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
2.0.1
-
None
Description
Force principals names to resolve to lowercase local usernames in auth-to-local rules. This will help when the KDC is an MIT KDC or an Active Directory and user accounts have uppercase letters that need to be converted to lowercase letters. For example: USER1234@REALM should resolve to user1234.
Solution
- Provide a kerberos-env configuration to optionally create case-insensitive rules
- If creating case-insensitive rules, generic auth-to-local rules should contain the L option, as in:
RULE:[1:$1@$0](.*@REALM)s/@.*///L
Attachments
Attachments
Issue Links
- links to
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12737949/AMBARI-11687_02.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 2 new or modified test files.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The test build failed in ambari-server
Test results: https://builds.apache.org/job/Ambari-trunk-test-patch/3055//testReport/
Console output: https://builds.apache.org/job/Ambari-trunk-test-patch/3055//console
This message is automatically generated.