[
https://issues.apache.org/jira/browse/CASSANDRA-10168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
sankalp kohli updated CASSANDRA-10168:
--------------------------------------
Reviewer: sankalp kohli
> CassandraAuthorizer.authorize must throw exception when lookup of any auth
> table fails
> --------------------------------------------------------------------------------------
>
> Key: CASSANDRA-10168
> URL: https://issues.apache.org/jira/browse/CASSANDRA-10168
> Project: Cassandra
> Issue Type: Bug
> Components: Core
> Reporter: Vishy Kasar
> Assignee: Vishy Kasar
> Attachments: authorizer.patch
>
>
> The PermissionCache is refreshed in the background every
> permissions_update_interval_in_ms by looking up cassandra tables. This
> background refresher assumes the called methods to throw exception on
> cassandra failures. In such cases, it just serves the stale entry until the
> next refresh happens.
> CassandraAuthorizer.authorize is throwing exception when it fails to lookup
> system_auth.users table. However when lookup on system_auth.permissions table
> fails, it swallows the exception and returns PERMISSION.NONE. In that case,
> the cache thinks that permission was revoked for the user until the next
> refresh succeeds. All the requests to that user on that cassandra instance
> fail incorrectly till the next refresh succeeds. This is bad.
> CassandraAuthorizer.authorize must throw exception when lookup of any auth
> table fails.
> I have attached a patch for cassandra 2.0 branch.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
