cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-6233) Authentication is broken for the protocol v1 on C* 2.0
Date Sat, 26 Oct 2013 13:04:31 GMT


Aleksey Yeschenko commented on CASSANDRA-6233:

Committed by Sylvain in 86b26b67fe9dd804b84a56c2535726b966d28d13, so is part of 2.0.2. 'formal'
+1 here. (needs updating CHANGES.txt).

> Authentication is broken for the protocol v1 on C* 2.0
> ------------------------------------------------------
>                 Key: CASSANDRA-6233
>                 URL:
>             Project: Cassandra
>          Issue Type: Bug
>            Reporter: Sylvain Lebresne
>            Assignee: Sylvain Lebresne
>             Fix For: 2.0.2
>         Attachments: 6233.txt
> CASSANDRA-5664 simplified the decoding method of CredentialsMessage by using CBUtil.readStringMap
(instead of duplicating the code). Unfortunately, that latter method turns his keys to uppercase
(to provide some form of case insensitivity for keys), and in the case of CredentialsMessage
this breaks PasswordAuthenticator that expect lowercased keys (besides, it's a bad idea to
mess up with the case of the credentials map in general).
> Making CBUtil.readStringMap uppercase keys was probably a bad idea in the first place
(as nothing in the method name imply this), so attaching patch that remove this (and uppercase
keys specifically in StartupMessage where that was done on purpose).

This message was sent by Atlassian JIRA

View raw message