cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bill de hOra <b...@dehora.net>
Subject Re: Cassandra access control
Date Wed, 02 Dec 2009 19:13:58 GMT
Mark Robson wrote:
> 2009/12/2 Ted Zlatanov <tzz@lifelogs.com <mailto:tzz@lifelogs.com>>
> 
>     OK.  So what should the API be?  Just one method, as Robin suggested?
> 
>     void login( Map<String, String> credentials, String keyspace )
>      throws AuthenticationException, AuthorizationException
> 
>     In this model the backend would still have login() and
>     setKeyspace()/getKeyspace() separately to distinguish between
>     authentication and authorization but the frontend API would merge them.
> 
> 
> I'd be against moving to a stateful protocol.

Strong agreement. The login method should return an opaque token which 
is passed on each call. If that messes up the API, that says more about 
Thrift than the auth model.

Bill

Mime
View raw message