Return-Path: Delivered-To: apmail-incubator-cassandra-user-archive@minotaur.apache.org Received: (qmail 70486 invoked from network); 2 Dec 2009 21:43:56 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 2 Dec 2009 21:43:56 -0000 Received: (qmail 8773 invoked by uid 500); 2 Dec 2009 21:43:55 -0000 Delivered-To: apmail-incubator-cassandra-user-archive@incubator.apache.org Received: (qmail 8758 invoked by uid 500); 2 Dec 2009 21:43:55 -0000 Mailing-List: contact cassandra-user-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cassandra-user@incubator.apache.org Delivered-To: mailing list cassandra-user@incubator.apache.org Received: (qmail 8749 invoked by uid 99); 2 Dec 2009 21:43:55 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Dec 2009 21:43:55 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of robin.coe@bluecoat.com designates 216.52.23.28 as permitted sender) Received: from [216.52.23.28] (HELO whisker.bluecoat.com) (216.52.23.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Dec 2009 21:43:47 +0000 Received: from bcs-mail04.internal.cacheflow.com (bcsmail04.internal.cacheflow.com [10.2.2.56] (may be forged)) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id nB2LhPfb008225 for ; Wed, 2 Dec 2009 13:43:26 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: Cassandra access control Date: Wed, 2 Dec 2009 13:43:19 -0800 Message-ID: <764B352CF55C514F816B4B14BD2450D804114C98@bcs-mail04.internal.cacheflow.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Cassandra access control Thread-Index: Acpzl/ANHZutQEqeThWRgyBZcwBJKQAAE0fg References: <87eio6p7pb.fsf@lifelogs.com> <1259699027.19220.37.camel@achilles> <87fx7ul6id.fsf@lifelogs.com> <1259708330.19220.59.camel@achilles> <87638pl96u.fsf@lifelogs.com> <87ljhljhv2.fsf@lifelogs.com> <1259784893.10676.32.camel@achilles> <87zl61i0kn.fsf@lifelogs.com> <1259786109.10676.35.camel@achilles> <48011D13-469E-4D19-83CF-DE9292210B88@gmail.com> <764B352CF55C514F816B4B14BD2450D804114C45@bcs-mail04.internal.cacheflow.com> From: "Coe, Robin" To: X-Virus-Checked: Checked by ClamAV on apache.org Public IPs and ports make it so. -----Original Message----- From: Jake Luciani [mailto:jakers@gmail.com]=20 Sent: December 2, 2009 4:39 PM To: cassandra-user@incubator.apache.org Subject: Re: Cassandra access control If there is a use case to open a Cassandra cluster to the world then I =20 agree. Sent from my iPhone On Dec 2, 2009, at 4:24 PM, "Coe, Robin" wrote: > NoSQL doesn't mean no security. A production database engine has to > protect its data. The trick is to make the auth framework fast enough > that it doesn't adversely affect performance and robust enough that an > application requesting data doesn't have to jump through hoops to get > it. > > -----Original Message----- > From: Jake Luciani [mailto:jakers@gmail.com] > Sent: December 2, 2009 4:00 PM > To: cassandra-user@incubator.apache.org > Subject: Re: Cassandra access control > > +1 this is nosql afterall. > > Sent from my iPhone > > On Dec 2, 2009, at 3:54 PM, Mark Robson wrote: > >> How about we make authentication optional, and have the protocol >> being stateful only if you want to authenticate? >> >> That way we don't break backwards compatibility or introduce extra >> complexity for people who don't need it. >> >> Mark