I posted the first attempt (with a default AllowAll backend) as a patch:
https://issues.apache.org/jira/browse/CASSANDRA-547
Important changes in the Thrift interface:
# invalid authentication request (user does not exist or credentials invalid)
exception AuthenticationException {
1: required string why
}
# invalid authorization request (user does not have access to keyspace)
exception AuthorizationException {
1: required string why
}
...
struct AuthenticationRequest {
1: required map<string, string> credentials,
}
service Cassandra {
# auth methods
# authentication
void login(1:required AuthenticationRequest auth_request) throws
(1:AuthenticationException aux),
# authorization
void setKeyspace(1:required string keyspace) throws (1:AuthorizationException
azx),
string getKeyspace(),
...
When I generated the Java files, I got compilation errors on some
unrelated stuff but the auth code will at least compile, and should be
100% backwards compatible as discussed. I only looked for the string
"keyspace" so I may have missed some places. Please let me know what
you think.
Thanks
Ted
