tolbertam commented on code in PR #3085:
URL: https://github.com/apache/cassandra/pull/3085#discussion_r1482013212
##########
src/java/org/apache/cassandra/auth/IAuthenticator.java:
##########
@@ -179,5 +195,64 @@ default boolean shouldSendAuthenticateMessage()
{
return true;
}
+
+ /**
+ * @return The assumed mode of authentication attempted using this
negotiator, this will usually be some value
+ * of {@link AuthenticationMode#toString()}} unless an implementor
provides their own custom authentication
+ * scheme.
+ */
+ default AuthenticationMode getAuthenticationMode()
+ {
+ return AuthenticationMode.UNAUTHENTICATED;
+ }
+ }
+
+ /**
+ * Known modes of authentication supported by Cassandra's provided {@link
IAuthenticator} implementations.
+ */
+ abstract class AuthenticationMode
+ {
+ private final String displayName;
+
+ public AuthenticationMode(@Nonnull String displayName)
+ {
+ this.displayName = displayName;
+ }
+
+ /**
+ * User was not authenticated in any particular way.
+ */
+ public static final AuthenticationMode UNAUTHENTICATED = new
AuthenticationMode("Unauthenticated") {};
+
+ /**
+ * User authenticated using a password.
+ */
+ public static final AuthenticationMode PASSWORD = new
AuthenticationMode("Password") {};
+
+ /**
+ * User authenticated using a trusted identity in their client
certificate.
+ */
+ public static final AuthenticationMode MTLS = new
AuthenticationMode("Mtls") {};
Review Comment:
It looks like it does work:
```
beans
...
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Encrypted,type=Client
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Mutual
Tls,type=Client
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Password,type=Client
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Unencrypted,type=Client
org.apache.cassandra.metrics:name=ConnectedNativeClients,type=Client
```
But it isn't easy to use, and I imagine will give some tooling trouble.
For it to work with jmxterm for example I had to double `\` escape the space:
```
$>bean org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Mutual
Tls,type=Client
#IllegalArgumentException: Please specify domain using either -d option or
domain command
$>bean
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Mutual\\
Tls,type=Client
#bean is set to
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Mutual
Tls,type=Client
$>get *
#mbean =
org.apache.cassandra.metrics:name=ConnectedNativeClients,scope=Mutual
Tls,type=Client:
Value = 5;
```
I think we should document that spaces in the mode name aren't preferred as
it may not work well with some tooling. I will do that!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
