[
https://issues.apache.org/jira/browse/CASSANDRA-5545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylvain Lebresne updated CASSANDRA-5545:
----------------------------------------
Attachment: 0001-Adds-AUTH_SUCCESS-message-as-follow-up-to-5545.txt
Actually, I've just realized that we were throwing away the last challenge of
the server (once authentication is complete), but SASL requires that we sent it
to the client since it may contains final information required by the client to
finalize authentication on its size.
So I think for completeness sake we need a new AUTH_SUCCESS message that ships
that last information rather than just a READY message. My bad for suggesting
otherwise.
Anyway, I've committed the patch that I attach here for the record that adds
this AUTH_SUCCESS message. The patch also allow tokens to be > 64k (it uses an
int instead of a short for the size) because that's what I wrote in the spec,
and while I doubt any authenticator would need more than 64K tokens, there is
no point in risking it in that case.
If someone disagrees with that last patch, please feel free to voice yourself.
> Add SASL authentication to CQL native protocol
> ----------------------------------------------
>
> Key: CASSANDRA-5545
> URL: https://issues.apache.org/jira/browse/CASSANDRA-5545
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Sam Tunnicliffe
> Assignee: Sam Tunnicliffe
> Fix For: 2.0
>
> Attachments:
> 0001-Add-SASL-authentication-to-CQL-native-protocol.patch,
> 0001-Add-SASL-hooks-to-CQL-native-protocol.patch,
> 0001-Add-SASL-hooks-to-CQL-native-protocol-v3.patch,
> 0001-Adds-AUTH_SUCCESS-message-as-follow-up-to-5545.txt
>
>
> Adding hooks for SASL authentication would make it much easier to integrate
> with external auth providers, such as Kerberos & NTLM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
