[jira] [Commented] (CASSANDRA-20768) CEP-50: Authentication Negotiation

Tue, 15 Jul 2025 20:11:44 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-20768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18007365#comment-18007365
 ] 

guo Maxwell commented on CASSANDRA-20768:
-----------------------------------------

The issues raised in the discussion should be resolved, and then we will 
initiate a vote. If there is no objection, the CEP can be accepted.

> CEP-50: Authentication Negotiation
> ----------------------------------
>
>                 Key: CASSANDRA-20768
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-20768
>             Project: Apache Cassandra
>          Issue Type: Epic
>          Components: Client/java-driver, Feature/Authorization
>            Reporter: Joel Shepherd
>            Assignee: Joel Shepherd
>            Priority: Normal
>
> CEP-50 proposes a negotiation mechanism implemented using Cassandra's 
> existing native protocol that will enable clients to tell the node what 
> authentication mechanisms they support, and enabling the node to use its most 
> preferred authenticator that the client supports.
> Link: 
> https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-50%3A+Authentication+Negotiation
> The goals of CEP-50 are:
>  * Enable clients to negotiate an authentication method with a node at time 
> of connection via the existing native protocol.
>  * Reduce the effort and risk of changing authentication method for a running 
> cluster.
>  * Enable operators to more easily enable environment-specific authentication 
> mechanisms.
>  * Provide seamless backwards-compatible interoperability for existing 
> clients and nodes that don't support authenticator negotiation.
> Out-of-scope: {color:#000000}Other initiatives mentioned in CEP-31 — 
> user-specific negotiation, multiple role managers, authorization features, 
> negotiated inter-node authentication, specific authentication mechanisms — 
> are out of scope of this CEP. These additional initiatives are either 
> extensions of a basic authenticator negotiation solution, or touch on 
> orthogonal concerns like authorization and inter-node authentication.{color}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to