[
https://issues.apache.org/jira/browse/CASSANDRA-7653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14332392#comment-14332392
]
Sam Tunnicliffe edited comment on CASSANDRA-7653 at 2/22/15 10:06 PM:
----------------------------------------------------------------------
bq. Why is superuser a flag on a role instead of a permission?
Because it doesn't fit nicely into the permissions hierarchy. There are things
a superuser can do which are hard to model with IResource and Permission - like
create other superusers. Plus, it's a handy shortcut in IAuthorizer
implementations to avoid hitting the permissions tables.
The suggested change to the options syntax is possible though I would say we
should require AND to delimit options e.g.
{{CREATE ROLE manager WITH LOGIN AND PASSWORD 'foo'}}
I've opened CASSANDRA-8850 for that.
was (Author: beobal):
bq. Why is superuser a flag on a role instead of a permission?
Because it doesn't fit nicely into the permissions hierarchy. There are things
a superuser can do which are hard to model with IResource and Permission - like
create other superusers. Plus, it's a handy shortcut in IAuthorizer
implementations to avoid hitting the permissions tables.
bq.
That is possible though I would say we should require AND to delimit options
e.g.
{{CREATE ROLE manager WITH LOGIN AND PASSWORD 'foo'}}
I've opened CASSANDRA-8850 for that.
> Add role based access control to Cassandra
> ------------------------------------------
>
> Key: CASSANDRA-7653
> URL: https://issues.apache.org/jira/browse/CASSANDRA-7653
> Project: Cassandra
> Issue Type: New Feature
> Components: Core
> Reporter: Mike Adamson
> Assignee: Sam Tunnicliffe
> Labels: docs-impacting, security
> Fix For: 3.0
>
> Attachments: 7653.patch, CQLSmokeTest.java, cql_smoke_test.py
>
>
> The current authentication model supports granting permissions to individual
> users. While this is OK for small or medium organizations wanting to
> implement authorization, it does not work well in large organizations because
> of the overhead of having to maintain the permissions for each user.
> Introducing roles into the authentication model would allow sets of
> permissions to be controlled in one place as a role and then the role granted
> to users. Roles should also be able to be granted to other roles to allow
> hierarchical sets of permissions to be built up.