cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Zlatanov <>
Subject Re: Cassandra access control
Date Thu, 12 Nov 2009 16:25:08 GMT
On Thu, 12 Nov 2009 10:11:27 -0600 Jonathan Ellis <> wrote: 

JE> 2009/11/12 Ted Zlatanov <>:
>> It sounds like JAAS is a bad idea.  I'll use a modular auth system then,
>> with two simple implementations (XML file and LDAP) at first.  The XML
>> file will hold account passwords (one-way hashed) and authorizations.

JE> wouldn't it be simpler to just put the password hash in the keyspace definition?

JE> it's less enterprise but if you need something sophisticated you're
JE> probably going to use ldap anyway...

It's less secure and merges the auth backend configuration with the
Cassandra configuration.  I was hoping to keep them separate.


View raw message