[
https://issues.apache.org/jira/browse/CASSANDRA-16404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17400607#comment-17400607
]
Aleksei Zotov commented on CASSANDRA-16404:
-------------------------------------------
[~samt]
Great, thanks for taking care of that! I see 4 failures, but they do not seem
to be related to these changes.
I checked your branch for dtest repo and can see the change for handling
NetworkPermissionsCache/NetworkAuthCache MBeans. Am I right that currently
there are no dtests for JMXPermissionsCache/JmxPermissionsCache MBeans? Shall I
try to come up with a test for that (basically I'd like to get familiar with
dtests)? Can I use this ticket or need to create another one?
===============================================================================================
Also I think there is a small issue with the last change:
{code:java}
public static final String CACHE_NAME = "JMXPermissionsCache";
@Deprecated
public static final String DEPRECATED_CACHE_NAME = "JmxPermissionsCache";
{code}
it should be opposite:
{code:java}
public static final String CACHE_NAME = "JmxPermissionsCache";
@Deprecated
public static final String DEPRECATED_CACHE_NAME = "JMXPermissionsCache";
{code}
JMXPermissionsCache is what we have currently
([https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/auth/jmx/AuthorizationProxy.java#L483]).
It needs to be renamed to match the class name.
> Provide a nodetool way of invalidating auth caches
> --------------------------------------------------
>
> Key: CASSANDRA-16404
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16404
> Project: Cassandra
> Issue Type: Improvement
> Components: Feature/Authorization
> Reporter: Sumanth Pasupuleti
> Assignee: Aleksei Zotov
> Priority: Normal
> Fix For: 4.x
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> We currently have nodetool commands to invalidate certain caches like
> KeyCache, RowCache and CounterCache.
> Being able to invalidate auth caches as well can come in handy in situations
> where, critical backend auth changes may need to be in effect right away for
> all the connections, especially in configurations where cache validity is
> chosen to be for a longer duration. An example can be that an authenticated
> user "User1" is no longer authorized to access a table resource "table1" and
> it is vital that this change is reflected right away, without having to wait
> for cache expiry/refresh to trigger.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
