[jira] Commented: (CASSANDRA-547) authentication and authorization functions (stage 1)

Tue, 05 Jan 2010 14:00:18 -0800 

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796864#action_12796864
 ] 

Ted Zlatanov commented on CASSANDRA-547:
----------------------------------------

In retrospect I would have done these patches differently.  I was learning 
quilt and should have split the Thrift work out.  Thanks for your and 
Jonathan's patience.  

I took out the nokeyspace patch so there's only one patch now.  The nokeyspace 
patch was really more Thrift work, intended to remove the keyspace argument 
from all Thrift code.  It sort of belongs here, though, since the auth work has 
made the keyspace argument redundant.  I'll redo the nokeyspace patch later, 
after the stage 1 auth work is done, if you prefer.  Right now we're missing:

1) a way to specify a different auth backend in the Cassandra configuration

2) a common way to specify authorizations (see my earlier comment on a proposed 
scheme)

3) an LDAP auth backend

before stage 1 is done.  I need your review of the current patch, though, 
before I continue with (1) and (2).  (3) is last, after we've ironed out the 
backend mechanics.  Also your opinions on (2) are very welcome.

Stage 2, btw, will involve documentation.  I'm not forgetting it :)


> authentication and authorization functions (stage 1)
> ----------------------------------------------------
>
>                 Key: CASSANDRA-547
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-547
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: Core
>            Reporter: Ted Zlatanov
>            Assignee: Ted Zlatanov
>         Attachments: CASSANDRA-547-auth.patch
>
>
> Add functions to login() and setKeyspace().  Check against 
> authentication+authorization backends whether those calls should succeed or 
> fail.
> Create file-based and LDAP backends to implement authentication and 
> authorization.
> Create AllowAll backend to allow all access.
> Add configuration stanza to specify the auth backend.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to