[jira] [Comment Edited] (CASSANDRA-4239) Support Thrift SSL socket

Tue, 16 Oct 2012 00:09:08 -0700 

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-4239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13476817#comment-13476817
 ] 

Jason Brown edited comment on CASSANDRA-4239 at 10/16/12 7:08 AM:
------------------------------------------------------------------

1) When Pavel and I discussed a few weeks, we thought that using the yaml would 
be a convenience for defining the SSL settings. However, AFAIK, as no other 
client (cqlsh, hector, astyanax, and so on) will be reading the yaml, so it 
seems reasonable not to tie the cli to DatabaseDescriptor.

2) I wasn't sure if we should just ignore the SSL settings when bringing up the 
HSHA server (o.a.c.t.CustomTHsHaServer.Factory), log a message, or fail to 
launch. Now that you bring it up, probably the best choice is to throw an 
exception: if the user explicitly defined the client encryption options, they 
should probably be informed (in a blatant manner) that the settings will not 
work with HSHA.
                
      was (Author: jasobrown):
    1) When Pavel and I discussed a few weeks, we thought that using the yaml 
would be a convenience for defining the SSL settings. However, AFAIK, as no 
other client (cqlsh, hector, astyanax, and so on) will be reading the yaml, so 
it seems reasonable not to tie the cli to DatabaseDescriptor.

2) I wasn't sure if we should just ignore the SSL settings when bringing up the 
HSHA server (o.a.c.t.CustomTHsHaServer.Factory), log a message, or fail to 
launch. I think probably the best choice is to throw an exception: if the user 
explicitly defined the client encryption options, they should probably be 
informed (in a blatant manner) that the settings will not work with HSHA. Logs 
are too easy to ignore, so, I think throwing an exception is best.
                  
> Support Thrift SSL socket
> -------------------------
>
>                 Key: CASSANDRA-4239
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-4239
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: API
>            Reporter: Jonathan Ellis
>            Assignee: Jason Brown
>            Priority: Minor
>             Fix For: 1.2.1
>
>         Attachments: 
> 0001-CASSANDRA-4239-Support-Thrift-SSL-socket-both-to-the.patch
>
>
> Thrift has supported SSL encryption for a while now (THRIFT-106); we should 
> allow configuring that in cassandra.yaml

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to