incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Ellis <jbel...@gmail.com>
Subject Re: bandwidth limiting Cassandra's replication and access control
Date Thu, 12 Nov 2009 00:35:42 GMT
See the first few messages in this thread between me and Ted.

On Wed, Nov 11, 2009 at 6:14 PM, Anthony Molinaro
<anthonym@alumni.caltech.edu> wrote:
> How will authentication work with non-java clients?  I don't think thrift
> itself has authentication built in, and it sounds like a java library is
> being proposed for the guts.  Will it still be possible to connect from
> a non-java client or will the thrift interface be deprecated?
>
> -Anthony
>
> On Wed, Nov 11, 2009 at 04:55:35PM -0600, Jonathan Ellis wrote:
>> per-keyspace authentication will be basically zero overhead after you
>> connect, and the default will be "allow everyone" just like now.
>>
>> On Wed, Nov 11, 2009 at 4:48 PM, Joe Stump <joe@joestump.net> wrote:
>> >
>> > On Nov 11, 2009, at 3:29 PM, Alexander Vushkan wrote:
>> >
>> >> ...but authentication support would be nice to have...
>> >
>> > I'll continue to object to this. If you're considering running Cassandra (or
>> > MySQL or Reddis or Memcache or MemcacheDB or ...) on an open network Ur
>> > Doin' It Wrong. This is what VPN's were created for. Nobody in their right
>> > mind runs stuff like this, in production, exposed to the outside world.
>> >
>> > Cassandra was built for performance and adding this authentication stuff
>> > will do nothing but be an unneeded performance hit for a use case that the
>> > project shouldn't be fulfilling.
>> >
>> > --Joe
>> >
>> >
>
> --
> ------------------------------------------------------------------------
> Anthony Molinaro                           <anthonym@alumni.caltech.edu>
>

Mime
View raw message