cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michał Michalski (JIRA) <>
Subject [jira] [Created] (CASSANDRA-4933) SimpleAuthority is incompatible with new Permissions and "resources lists"
Date Thu, 08 Nov 2012 14:17:12 GMT
Michał Michalski created CASSANDRA-4933:

             Summary: SimpleAuthority is incompatible with new Permissions and "resources
                 Key: CASSANDRA-4933
             Project: Cassandra
          Issue Type: Bug
         Environment: Previously 1.1.0 + Authentication patch CASSANDRA-4155 (working).
Currently: 1.1.6 (not working)
            Reporter: Michał Michalski
            Assignee: Michał Michalski
            Priority: Trivial

Commit aba5a37650232dbf10b505c04b257f73b6c9b579 by Pavel Yaskevich introduced some significant
changes in Permissions system. Except new permission types, also resource hierarchy has changed
- previously creating a keyspace was requesting for for WRITE permission for /cassandra/keyspaces.
Now it requests for CREATE permission for /cassandra/keyspaces/<new-keyspace-name>.
This change brakes the SimpleAuthority code that relies on the length of the resource list
which differs now - we cannot distinguish operations that modify keyspaces (perviously: resource
list of length 2; currently: 3) from these ones that read it or so (resource list of length

I've prepared a patch that fixes it in the way that I understand it should work now (comment
in 1.1.6's is out of date and refers to old READ/WRITE permissions only).

Yes, I know that SimpleAuth(enticator/ority) are deprecated, should not be used in production
and so on, but even if they are unsufficient as a protection from external threats, they're
still good enough in our case as a very basic protection from accidental changes made by developers

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message