[jira] [Updated] (CASSGO-19) gocql: Don't restrict server authenticator unless PasswordAuthentictor.AllowedAuthenticators is provided

Fri, 08 Nov 2024 06:26:08 -0800 


     [ 
https://issues.apache.org/jira/browse/CASSGO-19?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

João Reis updated CASSGO-19:
----------------------------
    Source Control Link: 
https://github.com/apache/cassandra-gocql-driver/commit/445d97428fb6eb28de06a06e24743caf4c479270
  (was: https://github.com/apache/cassandra-gocql-driver/pull/1801)
             Resolution: Fixed
                 Status: Resolved  (was: Ready to Commit)

> gocql: Don't restrict server authenticator unless 
> PasswordAuthentictor.AllowedAuthenticators is provided
> --------------------------------------------------------------------------------------------------------
>
>                 Key: CASSGO-19
>                 URL: https://issues.apache.org/jira/browse/CASSGO-19
>             Project: Apache Cassandra Go driver
>          Issue Type: Improvement
>          Components: Core
>            Reporter: Andy Tolbert
>            Assignee: Andy Tolbert
>            Priority: Normal
>             Fix For: 2.0.0
>
>          Time Spent: 2h
>  Remaining Estimate: 0h
>
> Currently gocql will only allow authenticating with authenticators defined in 
> {{defaultApprovedAuthenticators}} in {{conn.go}}.
> There have been multiple occurrences of implementers needing to update this 
> list, either when a vendor would like to add their authenticator, or a new 
> authenticator being added, e.g.: [CASSANDRA-19858]
> examples:
> https://github.com/apache/cassandra-gocql-driver/pull/883
> https://github.com/apache/cassandra-gocql-driver/pull/1254
> https://github.com/apache/cassandra-gocql-driver/pull/1321
> https://github.com/apache/cassandra-gocql-driver/pull/1379
> I think it would probably reduce friction to just accept any authenticator 
> provided by the server.  From what I know, other drivers behave in this way.
> If a user wanted to restrict this, they could use the existing configuration 
> {{PasswordAuthenticator.AllowedAuthenticators}}, e.g.:
> {code}
> cluster.Authenticator = PasswordAuthenticator{
>     Username: x,
>     Password: x,
>     AllowedAuthenticators: []string { 
>         "myrandomauth",
>     }
> }
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to