[
https://issues.apache.org/jira/browse/CASSANDRA-5144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13550582#comment-13550582
]
Aleksey Yeschenko edited comment on CASSANDRA-5144 at 1/11/13 12:08 AM:
------------------------------------------------------------------------
Can't use Thrift {noformat}{Authentication,Authorization}Exception{noformat}
without breaking thrift interface.
Committed with changes: removed the conversion method from ThriftConversion.
Thanks.
was (Author: iamaleksey):
Can't use Thrift {Authentication,Authorization}Exception without breaking
thrift interface.
Committed with changes: removed the conversion method from ThriftConversion.
Thanks.
> Validate login for Thrift describe_keyspace, describe_keyspaces and
> set_keyspace methods
> ----------------------------------------------------------------------------------------
>
> Key: CASSANDRA-5144
> URL: https://issues.apache.org/jira/browse/CASSANDRA-5144
> Project: Cassandra
> Issue Type: Bug
> Affects Versions: 1.2.0
> Reporter: Aleksey Yeschenko
> Assignee: Aleksey Yeschenko
> Priority: Trivial
> Fix For: 1.2.1
>
> Attachments: 5144.txt
>
>
> Not validating login leaks info about keyspaces and columnfamilies if the
> configured authenticator requires validation.
> This change does not affect AllowAllAuthenticator, but if an implementation
> forbids anonymous access, we should deny this information to unauthenticated
> users.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
