[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17748777#comment-17748777 ] Yifan Cai commented on CASSANDRA-18592: --- Merged into trunk as [933137fb14|https://github.com/apache/cassandra/commit/933137fb14d4ebfe38d0d2c8e23b765aa1c89333] > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Fix For: 5.0 > > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17748756#comment-17748756 ] Yifan Cai commented on CASSANDRA-18592: --- Preparing to commit Branch: https://github.com/yifan-c/cassandra/tree/r/upstream/pr2414 CI: https://app.circleci.com/pipelines/github/yifan-c/cassandra?branch=r%2Fupstream%2Fpr2414 > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17748702#comment-17748702 ] Dinesh Joshi commented on CASSANDRA-18592: -- +1, thank you for your patch. Good work. > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17748324#comment-17748324 ] Brandon Williams commented on CASSANDRA-18592: -- According to CASSANDRA-16895, the SSLFactory problems are expected until CASSANDRA-17992 is resolved. > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17748322#comment-17748322 ] Yifan Cai commented on CASSANDRA-18592: --- I rebased the branch with trunk and ran CI. https://app.circleci.com/pipelines/github/yifan-c/cassandra/434/workflows/9afdd37e-6342-4a5f-b090-cf06a5b2cde1 There are some test failures about "failed to create test certs", which do not seem to be related, but worth double checking. > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17743979#comment-17743979 ] Yifan Cai commented on CASSANDRA-18592: --- +1 on the patch > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17740688#comment-17740688 ] Shailaja Koppu commented on CASSANDRA-18592: [~maxwellguo] I got to know that recommendation is one PR with multiple commits, each commit focusing on one part, so reviewers can conveniently review each commit. We will squash and merge those commits, so reverting will be easy if needed. I will follow that from next time onwards, currently most of the major logic is in one commit, splitting it into multiple commits takes time, hence will try that next time. > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17740684#comment-17740684 ] Shailaja Koppu commented on CASSANDRA-18592: Circle CI run - https://app.circleci.com/pipelines/github/skoppu22/cassandra/23 > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17738501#comment-17738501 ] Brandon Williams commented on CASSANDRA-18592: -- I don't think we need to optimize for reverting, it probably won't happen and even so, it won't be difficult regardless. > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17738466#comment-17738466 ] Shailaja Koppu commented on CASSANDRA-18592: Thanks [~maxwellguo] for going through this feature and sharing great feedback. We did all changes in one PR [https://github.com/apache/cassandra/pull/2414] because incase of any issues/escalations, it's easy to revert entire feature and associated code in one shot. > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-18592) CIDR filtering authorizer for Cassandra
[ https://issues.apache.org/jira/browse/CASSANDRA-18592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17738348#comment-17738348 ] Maxwell Guo commented on CASSANDRA-18592: - Thanks [~skoppu],I think this is a nice work and very meaningful, and I want to say what about divide this jira into several subtasks so that it is convenient to review. such as : (1)add CIDR filtering authorizer ; (2) add nodetool for CIDR filtering authorizer; (3) add virtual table for CIDR filtering authorizer > CIDR filtering authorizer for Cassandra > --- > > Key: CASSANDRA-18592 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18592 > Project: Cassandra > Issue Type: New Feature > Components: Feature/Authorization >Reporter: Shailaja Koppu >Assignee: Shailaja Koppu >Priority: Normal > Labels: authorization, cidr, features, security > Time Spent: 0.5h > Remaining Estimate: 0h > > Introducing a new authorizer, to allow or disallow users accesses based on > client's IP or CIDR group. Please see the confluence page for requirements > and detailed design of this feature > [https://cwiki.apache.org/confluence/display/CASSANDRA/CIDR+filtering+authorizer]. > Will post PR link and dev discussion soon. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
