[jira] [Commented] (CASSANDRA-7715) Add a credentials cache to the PasswordAuthenticator

Mon, 18 Jan 2016 08:03:56 -0800 

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-7715?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15105461#comment-15105461
 ] 

Mike Adamson commented on CASSANDRA-7715:
-----------------------------------------

I'm not sure about being able to modify cache settings via JMX. This seems like 
an attack vector to me. In a (very hypothetical) scenario, if an attacker got 
hold of user credentials and JMX credentials, they could change the cache 
timeouts so that a cache containing a known password would never change. I know 
this is a fragile attack because all an administrator would need to do would be 
to change the cache timeouts themselves and the cache would reinitialize.

I think that the cache should be be cleared for a user if the authentication 
fails. Another small issue but it gives a small advantage to the attacker if 
it's left in after a failure. This only really affects the {{CredentialsCache}} 
in the {{PasswordAuthenticator}}. 

Could we have a method to invalidate the cache for a specific user? I'm just 
thinking that the only option an administrator has if they change a users 
password is to {{invalidate}} the whole cache.

In cassandra.yaml the {{credentials_update_interval_in_ms}} value (although 
commented out) ought to be the same value as {{credentials_validity_in_ms}}. We 
are saying that it defaults to the same value so it probably ought to have it.

It would be nice if {{MBEAN_NAME_BASE}} was (somehow) overridable by concrete 
implementations. This would make this class more usable by 3rd party 
implementers. 
 


> Add a credentials cache to the PasswordAuthenticator
> ----------------------------------------------------
>
>                 Key: CASSANDRA-7715
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-7715
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: CQL
>            Reporter: Mike Adamson
>            Assignee: Sam Tunnicliffe
>            Priority: Minor
>             Fix For: 3.x
>
>
> If the PasswordAuthenticator cached credentials for a short time it would 
> reduce the overhead of user journeys when they need to do multiple 
> authentications in quick succession.
> This cache should work in the same way as the cache in CassandraAuthorizer in 
> that if it's TTL is set to 0 the cache will be disabled.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to