It seems to me that isExistingUser should be pushed down to the IAuthenticator implementation.

Perhaps you should add a ticket to https://issues.apache.org/jira/browse/CASSANDRA

On 06/17/2013 05:12 PM, Bao Le wrote:
Hi,
 
  We have a custom  authenticator that works well with Cassandra 1.1.5.
When upgrading to C* 1.2.5, authentication failed. Turn out that in ClientState.login, we make a call to Auth.isExistingUser(user.getName())
if the AuthenticatedUser is not Anonymous user. This isExistingUser method does a query on system_auth.users and if it cannot find the name there, throw an exception.

  If our authentication model involves exchanging data on the fly and not relying on pre-created users, how do we bypass this check? Should we
add a method on IAuthenticator to specify whether user look-up is needed or not?

Bao