cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alek...@apache.org
Subject git commit: Improve PasswordAuthenticator default super user setup
Date Tue, 19 Aug 2014 23:01:58 GMT
Repository: cassandra
Updated Branches:
  refs/heads/cassandra-1.2 22a4629d2 -> 48d6950c1


Improve PasswordAuthenticator default super user setup

patch by Aleksey Yeschenko; reviewed by Jeremiah Jordan for
CASSANDRA-7788


Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/48d6950c
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/48d6950c
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/48d6950c

Branch: refs/heads/cassandra-1.2
Commit: 48d6950c181987952a4b05e60f918646445d62f9
Parents: 22a4629
Author: Aleksey Yeschenko <aleksey@apache.org>
Authored: Wed Aug 20 02:01:14 2014 +0300
Committer: Aleksey Yeschenko <aleksey@apache.org>
Committed: Wed Aug 20 02:01:14 2014 +0300

----------------------------------------------------------------------
 CHANGES.txt                                     |  1 +
 src/java/org/apache/cassandra/auth/Auth.java    | 25 ++++++++----------
 .../cassandra/auth/PasswordAuthenticator.java   | 27 +++++++++-----------
 3 files changed, 24 insertions(+), 29 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cassandra/blob/48d6950c/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index 9fad7c9..db5fa3a 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
 1.2.19
+ * Improve PasswordAuthenticator default super user setup (CASSANDRA-7788)
  * Remove duplicates from StorageService.getJoiningNodes (CASSANDRA-7478)
  * Clone token map outside of hot gossip loops (CASSANDRA-7758)
  * Add stop method to EmbeddedCassandraService (CASSANDRA-7595)

http://git-wip-us.apache.org/repos/asf/cassandra/blob/48d6950c/src/java/org/apache/cassandra/auth/Auth.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/auth/Auth.java b/src/java/org/apache/cassandra/auth/Auth.java
index 9cee12a..60c87d7 100644
--- a/src/java/org/apache/cassandra/auth/Auth.java
+++ b/src/java/org/apache/cassandra/auth/Auth.java
@@ -38,7 +38,6 @@ import org.apache.cassandra.locator.SimpleStrategy;
 import org.apache.cassandra.service.*;
 import org.apache.cassandra.transport.messages.ResultMessage;
 import org.apache.cassandra.utils.ByteBufferUtil;
-import org.apache.cassandra.utils.FBUtilities;
 
 public class Auth
 {
@@ -137,18 +136,15 @@ public class Auth
         // the delay is here to give the node some time to see its peers - to reduce
         // "Skipped default superuser setup: some nodes were not ready" log spam.
         // It's the only reason for the delay.
-        if (DatabaseDescriptor.getSeeds().contains(FBUtilities.getBroadcastAddress()) ||
!DatabaseDescriptor.isAutoBootstrap())
-        {
-            StorageService.tasks.schedule(new Runnable()
+        StorageService.tasks.schedule(new Runnable()
+                                      {
+                                          public void run()
                                           {
-                                              public void run()
-                                              {
-                                                  setupDefaultSuperuser();
-                                              }
-                                          },
-                                          SUPERUSER_SETUP_DELAY,
-                                          TimeUnit.MILLISECONDS);
-        }
+                                              setupDefaultSuperuser();
+                                          }
+                                      },
+                                      SUPERUSER_SETUP_DELAY,
+                                      TimeUnit.MILLISECONDS);
 
         try
         {
@@ -213,7 +209,7 @@ public class Auth
                                                      USERS_CF,
                                                      DEFAULT_SUPERUSER_NAME,
                                                      true),
-                                       ConsistencyLevel.QUORUM);
+                                       ConsistencyLevel.ONE);
                 logger.info("Created default superuser '{}'", DEFAULT_SUPERUSER_NAME);
             }
         }
@@ -228,7 +224,8 @@ public class Auth
         // Try looking up the 'cassandra' default super user first, to avoid the range query
if possible.
         String defaultSUQuery = String.format("SELECT * FROM %s.%s WHERE name = '%s'", AUTH_KS,
USERS_CF, DEFAULT_SUPERUSER_NAME);
         String allUsersQuery = String.format("SELECT * FROM %s.%s LIMIT 1", AUTH_KS, USERS_CF);
-        return !QueryProcessor.process(defaultSUQuery, ConsistencyLevel.QUORUM).isEmpty()
+        return !QueryProcessor.process(defaultSUQuery, ConsistencyLevel.ONE).isEmpty()
+            || !QueryProcessor.process(defaultSUQuery, ConsistencyLevel.QUORUM).isEmpty()
             || !QueryProcessor.process(allUsersQuery, ConsistencyLevel.QUORUM).isEmpty();
     }
 

http://git-wip-us.apache.org/repos/asf/cassandra/blob/48d6950c/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java b/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java
index 9adbe4e..dfe7275 100644
--- a/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java
+++ b/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java
@@ -27,7 +27,6 @@ import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import org.apache.cassandra.config.DatabaseDescriptor;
 import org.apache.cassandra.config.Schema;
 import org.apache.cassandra.cql3.UntypedResultSet;
 import org.apache.cassandra.cql3.QueryProcessor;
@@ -39,7 +38,6 @@ import org.apache.cassandra.service.QueryState;
 import org.apache.cassandra.service.StorageService;
 import org.apache.cassandra.transport.messages.ResultMessage;
 import org.apache.cassandra.utils.ByteBufferUtil;
-import org.apache.cassandra.utils.FBUtilities;
 import org.mindrot.jbcrypt.BCrypt;
 
 /**
@@ -169,18 +167,15 @@ public class PasswordAuthenticator implements IAuthenticator
         // the delay is here to give the node some time to see its peers - to reduce
         // "skipped default user setup: some nodes are were not ready" log spam.
         // It's the only reason for the delay.
-        if (DatabaseDescriptor.getSeeds().contains(FBUtilities.getBroadcastAddress()) ||
!DatabaseDescriptor.isAutoBootstrap())
-        {
-            StorageService.tasks.schedule(new Runnable()
+        StorageService.tasks.schedule(new Runnable()
+                                      {
+                                          public void run()
                                           {
-                                              public void run()
-                                              {
-                                                  setupDefaultUser();
-                                              }
-                                          },
-                                          Auth.SUPERUSER_SETUP_DELAY,
-                                          TimeUnit.MILLISECONDS);
-        }
+                                              setupDefaultUser();
+                                          }
+                                      },
+                                      Auth.SUPERUSER_SETUP_DELAY,
+                                      TimeUnit.MILLISECONDS);
 
         try
         {
@@ -224,7 +219,7 @@ public class PasswordAuthenticator implements IAuthenticator
                                       CREDENTIALS_CF,
                                       DEFAULT_USER_NAME,
                                       escape(hashpw(DEFAULT_USER_PASSWORD))),
-                        ConsistencyLevel.QUORUM);
+                        ConsistencyLevel.ONE);
                 logger.info("PasswordAuthenticator created default user '{}'", DEFAULT_USER_NAME);
             }
         }
@@ -239,7 +234,9 @@ public class PasswordAuthenticator implements IAuthenticator
         // Try looking up the 'cassandra' default user first, to avoid the range query if
possible.
         String defaultSUQuery = String.format("SELECT * FROM %s.%s WHERE username = '%s'",
Auth.AUTH_KS, CREDENTIALS_CF, DEFAULT_USER_NAME);
         String allUsersQuery = String.format("SELECT * FROM %s.%s LIMIT 1", Auth.AUTH_KS,
CREDENTIALS_CF);
-        return !process(defaultSUQuery, ConsistencyLevel.QUORUM).isEmpty() || !process(allUsersQuery,
ConsistencyLevel.QUORUM).isEmpty();
+        return !process(defaultSUQuery, ConsistencyLevel.ONE).isEmpty()
+            || !process(defaultSUQuery, ConsistencyLevel.QUORUM).isEmpty()
+            || !process(allUsersQuery, ConsistencyLevel.QUORUM).isEmpty();
     }
 
     private static String hashpw(String password)


Mime
View raw message