incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Ellis <jbel...@gmail.com>
Subject Re: Cassandra access control
Date Thu, 12 Nov 2009 16:06:02 GMT
2009/11/12 Ted Zlatanov <tzz@lifelogs.com>:
> JE> The default should definitely be, "don't break people who don't need
> JE> the new feature more than necessary."  So the default should be
> JE> "accept any client to any keyspace."
>
> Hmm, I thought we were going to limit access to a single keyspace upon
> login.  You want to keep allowing multiple keyspaces?  That would leave
> the existing API intact (only adding a login function) but requires an
> extra authorization check every time a keyspace is given.  Do we expire
> authorizations after a certain time?

If this is going to 0.5 we should keep the existing API intact since
we are very late in the 0.5 cycle (so, it's up to you if you need this
in 0.5).  But ultimately we want to drop the keyspace args in which
case the no-auth-configured behavior is that you still send an auth
method call but the auth accepts whatever it is given.

Mime
View raw message