cassandra-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mathieu D'Amours <>
Subject Re: Authentication in cassandra binary protocol v2
Date Mon, 28 Oct 2013 19:06:39 GMT
I think figured it out wrong initially. I thought AUTH_CHALLENGE was the
message the server sends right after STARTUP. If I understand correctly 
a server configured with the PasswordAuthenticator is going to expect this flow:

S -> [AUTHENTICATE] "PasswordAuthenticator"
C -> [AUTH_RESPONSE] "<nul>username<nul>password"

Given correct credentials, is C* going to send both of these message one 
after the other?

S -> [READY]

The documentation about READY seem to contain artifacts from v1 (the CREDENTIALS message):

> Indicates that the server is ready to process queries. This message will be
> sent by the server either after a STARTUP message if no authentication is
> required, or after a successful CREDENTIALS message.

Thank again,

Le Oct 28, 2013 à 2:48 PM, Sylvain Lebresne <> a écrit :

> What information are you looking for? As the comment says, the details are
> authenticaticator specific. So you were right to look into
> PasswordAuthenticator in particular, and to be more precise you'll want to
> look at PasswordAuthenticator.PlainTextSaslAuthenticator.evaluateResponse()
> for that that specific authenticator expect (basically the username and
> password as UTF8).
> --
> Sylvain
> On Mon, Oct 28, 2013 at 7:15 PM, Mathieu D'Amours <>wrote:
>> Hello,
>> I stumbled upon this description in the binary protocol specs [4.2.7.
>>> The body of this message is a single [bytes] token. The details of what
>> this
>>> token contains (and when it can be null/empty, if ever) depends on the
>> actual
>>> authenticator used.
>> I looked in C* builtin authenticator classes, `AllAllowAuthenticator` and
>> `PasswordAuthenticator`, but couldn't find this sort of
>> information. Could someone point me in the right direction?
>> Thanks in advance,
>> Mathieu

View raw message