[
https://issues.apache.org/jira/browse/CASSANDRA-16404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17378427#comment-17378427
]
Aleksei Zotov commented on CASSANDRA-16404:
-------------------------------------------
[~blerer]
Thanks for checking the code!
{quote}I did not realized that the JMX interface for that part of the code tend
to be nested within the implementation classes. So I would do the same despite
what I said earlier.
{quote}
I've given it a try and realized that it causes cyclic inheritance:
{code:java}
public class RolesCache implements RolesCache.RolesCacheMBean
{
...
public static interface RolesCacheMBean extends AuthCacheMBean
{
...
}
}
{code}
and it is not compiling.
Similar approach works for other caches because they have another structure:
{code:java}
public class SomeHolderClass
{
...
public static class RolesCache implements SomeClass.RolesCacheMBean
{
...
}
public static interface RolesCacheMBean extends AuthCacheMBean
{
...
}
}
{code}
I see the following potential ways to proceed:
1. keep everything as is - that's what I'm inclined to.
2. introduce "holder" classes (similarly like we have for other caches) - I do
not like it because it will lead to many changes (that we try to prevent
without a real need). Also such holder classes without additional logic look
weird and make not much sense.
3. having interface in the same file, but non-public, like:
{code:java}
public class RolesCache implements RolesCache.RolesCacheMBean
{
...
}
interface RolesCacheMBean extends AuthCacheMBean
{
...
}
{code}
also does not seem to be working because the interface definition should be
public to be available from {{NodeProbe}}.
I see no other obvious ways to have it simple and working other than the
current approach. Your suggestions will be much appreciated. Please, let me
know your thoughts.
> Provide a nodetool way of invalidating auth caches
> --------------------------------------------------
>
> Key: CASSANDRA-16404
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16404
> Project: Cassandra
> Issue Type: Improvement
> Components: Feature/Authorization
> Reporter: Sumanth Pasupuleti
> Assignee: Aleksei Zotov
> Priority: Normal
> Fix For: 4.x
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> We currently have nodetool commands to invalidate certain caches like
> KeyCache, RowCache and CounterCache.
> Being able to invalidate auth caches as well can come in handy in situations
> where, critical backend auth changes may need to be in effect right away for
> all the connections, especially in configurations where cache validity is
> chosen to be for a longer duration. An example can be that an authenticated
> user "User1" is no longer authorized to access a table resource "table1" and
> it is vital that this change is reflected right away, without having to wait
> for cache expiry/refresh to trigger.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
