[
https://issues.apache.org/jira/browse/CASSANDRA-12988?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17418233#comment-17418233
]
Josh McKenzie edited comment on CASSANDRA-12988 at 9/21/21, 5:50 PM:
---------------------------------------------------------------------
[Added a
commit|https://github.com/apache/cassandra/commit/28ad1f8209e06da705f09bff19879619d5e77f55]
that reverts to identical pre-commit CL special-case handling of the default
super user account along with some better documentation around what we're doing
and why so we don't run into this in the future. Plus a unit test to further
harden against accidental changing of this in the future.
I'm tempted to say we should cut all access to
CassandraAuthorizer.auth*ConsistencyLevel and route everything through the role
methods, but people can go straight to the AuthProperties object anyway and
pull CL for read/write w/out respecting role-specific needs if they're really
hell-bent on living on the edge.
Edit: Quick addendum - I'm all for us changing things so we don't have this
strange one-off default behavior for the edge-case with the "cassandra" default
role, optionally disabling its default creation, etc. But the goal of _this_
ticket is the ability to flexibly configure read and write CL for auth, not to
make changes to that default role-based behavior, hence reverting to the
"better documented form of the previous behavior" approach.
was (Author: jmckenzie):
[Added a
commit|https://github.com/apache/cassandra/commit/28ad1f8209e06da705f09bff19879619d5e77f55]
that reverts to identical pre-commit CL special-case handling of the default
super user account along with some better documentation around what we're doing
and why so we don't run into this in the future. Plus a unit test to further
harden against accidental changing of this in the future.
I'm tempted to say we should cut all access to
CassandraAuthorizer.auth*ConsistencyLevel and route everything through the role
methods, but people can go straight to the AuthProperties object anyway and
pull CL for read/write w/out respecting role-specific needs if they're really
hell-bent on living on the edge.
> make the consistency level for user-level auth reads and writes configurable
> ----------------------------------------------------------------------------
>
> Key: CASSANDRA-12988
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12988
> Project: Cassandra
> Issue Type: Improvement
> Components: Legacy/Core
> Reporter: Jason Brown
> Assignee: Josh McKenzie
> Priority: Low
> Fix For: 4.x
>
>
> Most reads for the auth-related tables execute at {{LOCAL_ONE}}. We'd like to
> make it configurable, with the default still being {{LOCAL_ONE}}.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
