[
https://issues.apache.org/jira/browse/CASSSIDECAR-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18016054#comment-18016054
]
Francisco Guerrero commented on CASSSIDECAR-331:
------------------------------------------------
My hesitancy to make the {{sidecar_internal}} schema a requirement is that it
will increase the operational complexity. As Saranya mentioned, no
authentication or custom authentication might not require access to the
internal schema. On the other hand, looking forward it seems that the reliance
on {{sidecar_internal}} will only increase. I think one option is to merge the
patch as it is today, and take more time to think about the implications of
making the internal schema required. Or we can bite the bullet today and make
the change, but I think we should probably communicate the intent more broadly
that there is a plan to on making {{sidecar_internal}} required. I'm thinking
it potentially requires a DISCUSS thread so there's broad consensus in the
community about this change.
> NullPointerException When Authentication Is Enabled but sidecar_internal
> Schema Is Disabled
> -------------------------------------------------------------------------------------------
>
> Key: CASSSIDECAR-331
> URL: https://issues.apache.org/jira/browse/CASSSIDECAR-331
> Project: Sidecar for Apache Cassandra
> Issue Type: Bug
> Components: Security
> Reporter: Isaac Reath
> Assignee: Saranya Krishnakumar
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> When authentication is enabled but the sidecar_internal schema is disabled, a
> NullPointerException occurs in Sidecar. This results in a generic 401
> Unauthorized response:
> {"status":"Unauthorized","code":401,"message":"Unexpected error encountered
> in handler"}
>
>
> The issue originates in
> {{{}SystemAuthDatabaseAccessor#findRoleFromIdentity{}}}, where
> {{tableSchema}} is null. The {{SystemAuthDatabaseAccessor.tableSchema}}
> object initialized through the
> {{SidecarInternalKeyspace#registerTableSchema}} function on startup. Although
> {{SidecarInternalKeyspace#registerTableSchema}} is always called on startup,
> it is a no-op if {{is_enabled}} is set to {{{}false{}}}. As a result,
> {{tableSchema}} is never initialized, leading to the NPE when we go to use it
> for authentication. Diagnosing this requires running Sidecar in a debugger,
> as Vert.x does not log the root exception clearly.
> Since access_control.enabled implicitly depends on {{{}schema.is_enabled{}}},
> this should be validated at startup. If {{access_control}} is enabled but
> {{schema}} is not, Sidecar should fail fast with a clear error.
> Proposed Fix:
> Add startup validation to check for this config mismatch & fail with a clear
> error stating that authentication requires sidecar_internal to be enabled.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
