incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Zlatanov <...@lifelogs.com>
Subject Re: Cassandra access control
Date Mon, 30 Nov 2009 22:34:23 GMT
I posted the first attempt (with a default AllowAll backend) as a patch:

https://issues.apache.org/jira/browse/CASSANDRA-547

Important changes in the Thrift interface:

# invalid authentication request (user does not exist or credentials invalid)
exception AuthenticationException {
    1: required string why
}

# invalid authorization request (user does not have access to keyspace)
exception AuthorizationException {
    1: required string why
}

...

struct AuthenticationRequest {
    1: required map<string, string> credentials,
}

service Cassandra {
  # auth methods
  # authentication
  void login(1:required AuthenticationRequest auth_request) throws (1:AuthenticationException
aux),
  
  # authorization
  void setKeyspace(1:required string keyspace) throws (1:AuthorizationException azx),
  string getKeyspace(),
...

When I generated the Java files, I got compilation errors on some
unrelated stuff but the auth code will at least compile, and should be
100% backwards compatible as discussed.  I only looked for the string
"keyspace" so I may have missed some places.  Please let me know what
you think.

Thanks
Ted


Mime
View raw message