2009/12/2 Ted Zlatanov <t...@lifelogs.com> > OK. So what should the API be? Just one method, as Robin suggested? > > void login( Map<String, String> credentials, String keyspace ) > throws AuthenticationException, AuthorizationException > > In this model the backend would still have login() and > setKeyspace()/getKeyspace() separately to distinguish between > authentication and authorization but the frontend API would merge them. >
I'd be against moving to a stateful protocol. Currently there isn't any per-connection state held by the API (correct me someone, if I'm wrong), which means you can transparently reconnect (perhaps to a different server) on error and retry (updates are always safely repeatable in Cassandra without any bad effects, right?) Adding a session state means that the application would need to handle reconnection at a higher level. Given that only a small proportion of the Cassandra users are likely to want authentication (immediately), why not leave the keyspace parameter in all existing methods, but allow the server to throw a AuthenticationException if you aren't authorised for that keyspace (yet). Then applications which need to authentication wouldn't need to change. Mark
