[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14985456#comment-14985456 ] Jeremiah Jordan commented on CASSANDRA-8068: +1 that works for my use cases. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14976655#comment-14976655 ] Sam Tunnicliffe commented on CASSANDRA-8068: Would the {{InetAddress}} of the client attempting authentication be sufficient for the negotiator? QueryState & ClientState both also provide access to a bunch of things that an IAuthenticator probably has no business with: the tracing-related methods, login, authz functions etc. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature > Components: Core >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14976684#comment-14976684 ] Aleksey Yeschenko commented on CASSANDRA-8068: -- bq. QueryState & ClientState both also provide access to a bunch of things that an IAuthenticator probably has no business with: the tracing-related methods, login, authz functions etc. This. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature > Components: Core >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14976683#comment-14976683 ] Jeremiah Jordan commented on CASSANDRA-8068: True, the full ClientState or QueryState is a lot. The InetSocketAddress from the ClientState.remoteAddress is enough for the use cases I am thinking of. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature > Components: Core >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)