yifan-c commented on code in PR #223:
URL: https://github.com/apache/cassandra-sidecar/pull/223#discussion_r2136673061
##########
client/src/main/java/org/apache/cassandra/sidecar/client/HttpClientConfig.java:
##########
@@ -178,6 +181,14 @@ public String keyStoreType()
return keyStoreType;
}
+ /**
+ * @return cassandra role
+ */
+ public String cassandraRole()
Review Comment:
if the return value is nullable, please add the `@Nullable` annotation.
##########
client-common/src/main/java/org/apache/cassandra/sidecar/common/http/SidecarHttpHeaderNames.java:
##########
@@ -31,4 +31,8 @@ public final class SidecarHttpHeaderNames
* {@code "cassandra-content-xxhash32-seed"}
*/
public static final String CONTENT_XXHASH32_SEED =
"cassandra-content-xxhash32-seed";
+ /**
+ * {@code "cassandra-auth-role"}
+ */
+ public static final String AUTH_ROLE = "cassandra-auth-role";
Review Comment:
It would worth a detailed explanation on the implication of this header and
how it is to be used, to answer questions like what if a malicious user set a
unexpected role (with high permission) on purpose, would it be a security hole.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org
For additional commands, e-mail: pr-h...@cassandra.apache.org
