Return-Path: Delivered-To: apmail-incubator-cassandra-user-archive@minotaur.apache.org Received: (qmail 28567 invoked from network); 2 Dec 2009 21:25:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 2 Dec 2009 21:25:06 -0000 Received: (qmail 73877 invoked by uid 500); 2 Dec 2009 21:25:05 -0000 Delivered-To: apmail-incubator-cassandra-user-archive@incubator.apache.org Received: (qmail 73853 invoked by uid 500); 2 Dec 2009 21:25:05 -0000 Mailing-List: contact cassandra-user-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cassandra-user@incubator.apache.org Delivered-To: mailing list cassandra-user@incubator.apache.org Received: (qmail 73844 invoked by uid 99); 2 Dec 2009 21:25:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Dec 2009 21:25:05 +0000 X-ASF-Spam-Status: No, hits=-1.5 required=5.0 tests=AWL,BAYES_00 X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of robin.coe@bluecoat.com designates 216.52.23.28 as permitted sender) Received: from [216.52.23.28] (HELO whisker.bluecoat.com) (216.52.23.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Dec 2009 21:25:02 +0000 Received: from bcs-mail04.internal.cacheflow.com (bcsmail04.internal.cacheflow.com [10.2.2.56] (may be forged)) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id nB2LOfMd004070 for ; Wed, 2 Dec 2009 13:24:41 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: Cassandra access control Date: Wed, 2 Dec 2009 13:24:35 -0800 Message-ID: <764B352CF55C514F816B4B14BD2450D804114C45@bcs-mail04.internal.cacheflow.com> In-Reply-To: <48011D13-469E-4D19-83CF-DE9292210B88@gmail.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Cassandra access control Thread-Index: AcpzknyR+MrD4VWBSLa6k4ZERoNrCAAArnYQ References: <87eio6p7pb.fsf@lifelogs.com> <1259699027.19220.37.camel@achilles> <87fx7ul6id.fsf@lifelogs.com> <1259708330.19220.59.camel@achilles> <87638pl96u.fsf@lifelogs.com> <87ljhljhv2.fsf@lifelogs.com> <1259784893.10676.32.camel@achilles> <87zl61i0kn.fsf@lifelogs.com> <1259786109.10676.35.camel@achilles> <48011D13-469E-4D19-83CF-DE9292210B88@gmail.com> From: "Coe, Robin" To: NoSQL doesn't mean no security. A production database engine has to protect its data. The trick is to make the auth framework fast enough that it doesn't adversely affect performance and robust enough that an application requesting data doesn't have to jump through hoops to get it. -----Original Message----- From: Jake Luciani [mailto:jakers@gmail.com]=20 Sent: December 2, 2009 4:00 PM To: cassandra-user@incubator.apache.org Subject: Re: Cassandra access control +1 this is nosql afterall. Sent from my iPhone On Dec 2, 2009, at 3:54 PM, Mark Robson wrote: > How about we make authentication optional, and have the protocol =20 > being stateful only if you want to authenticate? > > That way we don't break backwards compatibility or introduce extra =20 > complexity for people who don't need it. > > Mark