cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kleviansky (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-12294) LDAP Authentication
Date Tue, 16 Aug 2016 11:52:20 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-12294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15422632#comment-15422632
] 

Daniel Kleviansky commented on CASSANDRA-12294:
-----------------------------------------------

Authentication is working with LDAP.
Next step is to extend IRoleManager to pass role management to third party, as current iteration
bypasses role management by returning built-in "cassandra" user.

> LDAP Authentication
> -------------------
>
>                 Key: CASSANDRA-12294
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12294
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: Distributed Metadata
>            Reporter: Daniel Kleviansky
>            Assignee: Daniel Kleviansky
>            Priority: Minor
>              Labels: security
>             Fix For: 2.2.x, 3.x
>
>
> Addition of an LDAP authentication plugin, in tree, along side the default authenticator,
so that Cassandra can leverage existing LDAP-speaking servers to manage user logins.
> DSE offers this: [Enabling LDAP authentication | https://docs.datastax.com/en/datastax_enterprise/4.6/datastax_enterprise/sec/secLdapEnabling.html],
but does not exist in vanilla C* as far as I can tell.
> Ideally would like to introduce this as part of the 2.2.x branch, as this is what is
currently running in client production environment, and where it is needed at the moment.
> Would aim for support of at least Microsoft Active Directory running on Windows Server
2012.
> Work in progress: https://github.com/lqid/cassandra — Branch 12294-22



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message