[
https://issues.apache.org/jira/browse/CASSSIDECAR-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18014436#comment-18014436
]
Yifan Cai commented on CASSSIDECAR-331:
---------------------------------------
I would like to propose an alternative, i.e. making SidecarSchema as always
enabled and removing the is_enabled configuration for the feature. The reasons
are the following
- Sidecar schema is the foundation of a majority of other features, e.g. Auth,
cdc, cluster lease (coordination), restore and vtable access. With schema being
disabled, all those dependent features are not available.
- I would expect more features are developed with the need of state persistence
or access Cassandra tables.
- Acknowledging that Sidecar schema is always enabled should simply this patch
and operational complexity.
> NullPointerException When Authentication Is Enabled but sidecar_internal
> Schema Is Disabled
> -------------------------------------------------------------------------------------------
>
> Key: CASSSIDECAR-331
> URL: https://issues.apache.org/jira/browse/CASSSIDECAR-331
> Project: Sidecar for Apache Cassandra
> Issue Type: Bug
> Components: Security
> Reporter: Isaac Reath
> Assignee: Saranya Krishnakumar
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> When authentication is enabled but the sidecar_internal schema is disabled, a
> NullPointerException occurs in Sidecar. This results in a generic 401
> Unauthorized response:
> {"status":"Unauthorized","code":401,"message":"Unexpected error encountered
> in handler"}
>
>
> The issue originates in
> {{{}SystemAuthDatabaseAccessor#findRoleFromIdentity{}}}, where
> {{tableSchema}} is null. The {{SystemAuthDatabaseAccessor.tableSchema}}
> object initialized through the
> {{SidecarInternalKeyspace#registerTableSchema}} function on startup. Although
> {{SidecarInternalKeyspace#registerTableSchema}} is always called on startup,
> it is a no-op if {{is_enabled}} is set to {{{}false{}}}. As a result,
> {{tableSchema}} is never initialized, leading to the NPE when we go to use it
> for authentication. Diagnosing this requires running Sidecar in a debugger,
> as Vert.x does not log the root exception clearly.
> Since access_control.enabled implicitly depends on {{{}schema.is_enabled{}}},
> this should be validated at startup. If {{access_control}} is enabled but
> {{schema}} is not, Sidecar should fail fast with a clear error.
> Proposed Fix:
> Add startup validation to check for this config mismatch & fail with a clear
> error stating that authentication requires sidecar_internal to be enabled.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
