[
https://issues.apache.org/jira/browse/CASSGO-19?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
João Reis updated CASSGO-19:
----------------------------
Test and Documentation Plan: ci
Status: Patch Available (was: Open)
> gocql: Don't restrict server authenticator unless
> PasswordAuthentictor.AllowedAuthenticators is provided
> --------------------------------------------------------------------------------------------------------
>
> Key: CASSGO-19
> URL: https://issues.apache.org/jira/browse/CASSGO-19
> Project: Apache Cassandra Go driver
> Issue Type: Improvement
> Components: Core
> Reporter: Andy Tolbert
> Assignee: Andy Tolbert
> Priority: Normal
>
> Currently gocql will only allow authenticating with authenticators defined in
> {{defaultApprovedAuthenticators}} in {{conn.go}}.
> There have been multiple occurrences of implementers needing to update this
> list, either when a vendor would like to add their authenticator, or a new
> authenticator being added, e.g.: [CASSANDRA-19858]
> examples:
> https://github.com/apache/cassandra-gocql-driver/pull/883
> https://github.com/apache/cassandra-gocql-driver/pull/1254
> https://github.com/apache/cassandra-gocql-driver/pull/1321
> https://github.com/apache/cassandra-gocql-driver/pull/1379
> I think it would probably reduce friction to just accept any authenticator
> provided by the server. From what I know, other drivers behave in this way.
> If a user wanted to restrict this, they could use the existing configuration
> {{PasswordAuthenticator.AllowedAuthenticators}}, e.g.:
> {code}
> cluster.Authenticator = PasswordAuthenticator{
> Username: x,
> Password: x,
> AllowedAuthenticators: []string {
> "myrandomauth",
> }
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
