Return-Path: Delivered-To: apmail-incubator-cassandra-user-archive@minotaur.apache.org Received: (qmail 56600 invoked from network); 11 Nov 2009 21:29:50 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 11 Nov 2009 21:29:50 -0000 Received: (qmail 3104 invoked by uid 500); 11 Nov 2009 21:29:50 -0000 Delivered-To: apmail-incubator-cassandra-user-archive@incubator.apache.org Received: (qmail 3079 invoked by uid 500); 11 Nov 2009 21:29:50 -0000 Mailing-List: contact cassandra-user-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cassandra-user@incubator.apache.org Delivered-To: mailing list cassandra-user@incubator.apache.org Received: (qmail 3070 invoked by uid 99); 11 Nov 2009 21:29:50 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Nov 2009 21:29:50 +0000 X-ASF-Spam-Status: No, hits=0.3 required=5.0 tests=AWL,BAYES_00,FS_REPLICA,RCVD_NUMERIC_HELO X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of gcdcu-cassandra-user@m.gmane.org designates 80.91.229.12 as permitted sender) Received: from [80.91.229.12] (HELO lo.gmane.org) (80.91.229.12) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Nov 2009 21:29:47 +0000 Received: from list by lo.gmane.org with local (Exim 4.50) id 1N8Kko-0007Mx-7q for cassandra-user@incubator.apache.org; Wed, 11 Nov 2009 22:29:26 +0100 Received: from 38.98.147.130 ([38.98.147.130]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 11 Nov 2009 22:29:26 +0100 Received: from tzz by 38.98.147.130 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 11 Nov 2009 22:29:26 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: cassandra-user@incubator.apache.org From: Ted Zlatanov Subject: Re: bandwidth limiting Cassandra's replication and access control Followup-To: gmane.comp.db.cassandra.devel Date: Wed, 11 Nov 2009 15:28:55 -0600 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Lines: 40 Message-ID: <87d43on42w.fsf@lifelogs.com> References: <87eio6p7pb.fsf@lifelogs.com> <87ljienhjx.fsf@lifelogs.com> <87hbt1nnur.fsf@lifelogs.com> <764B352CF55C514F816B4B14BD2450D803DBB97B@bcs-mail04.internal.cacheflow.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 38.98.147.130 X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1.50 (gnu/linux) Cancel-Lock: sha1:jvi323wkuU1Hxicb/Y88gTWJZFY= Sender: news Cc: cassandra-dev@incubator.apache.org On Wed, 11 Nov 2009 07:40:00 -0800 "Coe, Robin" wrote: CR> Just going to chime in here, because I have experience writing apps CR> that use JAAS and JNDI to authenticate against LDAP and JDBC CR> services. However, I only just started looking at Cassandra this CR> week, so I'm not certain of the premise behind controlling access to CR> the Cassandra service. CR> IMO, auth services should be left to the application layer that CR> interfaces to Cassandra and not built into Cassandra. In the CR> tutorial snippet included below, the access being granted is at the CR> codebase level, not the transaction level. Since users of Cassandra CR> will generally be fronted by a service layer, the java security CR> manager isn’t going to suffice. What this snippet could do, though, CR> and may be the rationale for the request, is to ensure that CR> unauthorized users cannot instantiate a new Cassandra server. CR> However, if a user has physical access to the machine on which CR> Cassandra is installed, they could easily bypass that layer of CR> security. CR> So, I guess I'm wondering whether this discussion pertains to CR> application-layer security, i.e., permission to execute Thrift CR> transactions, or Cassandra service security? Or is it strictly a CR> utility function, to create a map of users to specific Keyspaces, to CR> simplify the Thrift API? (note followups to the devel list) I mentioned I didn't know JAAS so I appreciate any help you can give. Specifically, I don't know yet what is the difference between the codebase level and the transaction level in JAAS terms. Can you explain? I am interested in controlling the Thrift client API, not the Gossip replication service. The authenticating clients will not have physical access to the machine and all the authentication tokens will have to be passed over a Thrift login call. How would you use JAAS+JNDI to control that? The access point is CassandraServer.java as Jonathan mentioned. Ted