tolbertam commented on code in PR #2969:
URL: https://github.com/apache/cassandra/pull/2969#discussion_r1458166034
##########
src/java/org/apache/cassandra/transport/messages/StartupMessage.java:
##########
@@ -118,8 +121,34 @@ else if (compression.equals("lz4"))
clientState.setDriverVersion(options.get(DRIVER_VERSION));
}
- if (DatabaseDescriptor.getAuthenticator().requireAuthentication())
+ IAuthenticator authenticator = DatabaseDescriptor.getAuthenticator();
+ if (authenticator.requireAuthentication())
+ {
+ // If the authenticator supports early certificate authentication,
attempt to authenticate with certificates.
+ if (authenticator.supportsEarlyCertificateAuthentication())
Review Comment:
Pushed a change for this
[f115a89](https://github.com/apache/cassandra/pull/2969/commits/f115a89605673463ccfaac600057fceb13917f1b)
I made one slight change to my proposal, instead of
> SaslNegotiator.requiresCertificateAuthentication to
SaslNegotiation.requiresEarlyAuthentication
I removed the method and created
`SaslNegotiator.shouldSendAuthenticateMessage()` which indicates whether or not
a further AUTHENTICATE message should be sent to the client, I felt that was
more clear than my earlier proposal. I am open to changing that though.
Hopefully this looks ok!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
