[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14985456#comment-14985456 ] Jeremiah Jordan commented on CASSANDRA-8068: +1 that works for my use cases. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[
https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14976655#comment-14976655
]
Sam Tunnicliffe commented on CASSANDRA-8068:
Would the {{InetAddress}} of the client attempting authentication be sufficient
for the negotiator? QueryState & ClientState both also provide access to a
bunch of things that an IAuthenticator probably has no business with: the
tracing-related methods, login, authz functions etc.
> Allow to create authenticator which is aware of the client connection
> -
>
> Key: CASSANDRA-8068
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8068
> Project: Cassandra
> Issue Type: New Feature
> Components: Core
>Reporter: Jacek Lewandowski
>Assignee: Sam Tunnicliffe
>Priority: Minor
> Labels: security
> Fix For: 3.0.0
>
>
> Currently, the authenticator interface doesn't allow to make a decision
> according to the client connection properties (especially the client host
> name or address).
> The idea is to add the interface which extends the current SASL aware
> authenticator interface with additional method to set the client connection.
> ServerConnection then could supply the connection to the authenticator if the
> authenticator implements that interface.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14976684#comment-14976684 ] Aleksey Yeschenko commented on CASSANDRA-8068: -- bq. QueryState & ClientState both also provide access to a bunch of things that an IAuthenticator probably has no business with: the tracing-related methods, login, authz functions etc. This. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature > Components: Core >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8068) Allow to create authenticator which is aware of the client connection
[ https://issues.apache.org/jira/browse/CASSANDRA-8068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14976683#comment-14976683 ] Jeremiah Jordan commented on CASSANDRA-8068: True, the full ClientState or QueryState is a lot. The InetSocketAddress from the ClientState.remoteAddress is enough for the use cases I am thinking of. > Allow to create authenticator which is aware of the client connection > - > > Key: CASSANDRA-8068 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8068 > Project: Cassandra > Issue Type: New Feature > Components: Core >Reporter: Jacek Lewandowski >Assignee: Sam Tunnicliffe >Priority: Minor > Labels: security > Fix For: 3.0.0 > > > Currently, the authenticator interface doesn't allow to make a decision > according to the client connection properties (especially the client host > name or address). > The idea is to add the interface which extends the current SASL aware > authenticator interface with additional method to set the client connection. > ServerConnection then could supply the connection to the authenticator if the > authenticator implements that interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
