cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Zlatanov <>
Subject Re: Cassandra access control
Date Wed, 02 Dec 2009 21:20:49 GMT
On Wed, 2 Dec 2009 20:54:13 +0000 Mark Robson <> wrote: 

MR> How about we make authentication optional, and have the protocol being
MR> stateful only if you want to authenticate?

MR> That way we don't break backwards compatibility or introduce extra
MR> complexity for people who don't need it.

That was my original proposal.  Jonathan and Eric disagreed and made
good arguments against it.  Multiple operation modes are more confusing

In the latest proposed version, authentication is off by default: all
calls go to the AllowAll backend with a negligible overhead.  You still
have to make a login() call but it's effectively a setKeyspace().

I don't think backwards compatibility should limit innovation in a 0.x
release.  The extra complexity is negligible: you just pass an empty
AuthenticationRequest if you don't need it.  From that point on, you
actually have one less argument (no keyspace) on many Thrift calls.

On Wed, 2 Dec 2009 15:59:40 -0500 Jake Luciani <> wrote: 

JL> +1 this is nosql afterall.

I don't think NoSQL == stateless.  The two are completely orthogonal.

The vote is 3-3 (Jonathan, Robin, Evan - Mark, Jake, Bill).


View raw message