2009/11/11 Ted Zlatanov <t...@lifelogs.com>: > Should we move this to the devel list, BTW?
Moved. > Is it OK to keep the local auth info as a field in the CassandraServer > instance Yes. > The other JAAS modules don't support that > (AFAICT they only work on the current user) so we'd only be able to > authenticate based on NIS or LDAP, or other JNDI providers. This should > support at least Active Directory and most Unix shops. That's fine. Anyone who needs more, is also welcome to submit patches. :) > We should be able to use anything that extends java.security.Permission > here; I think you're suggesting a KeyspacePermission but we should also > have a ClusterPermission. I think we should allow wildcards in the > resource name. If we wildcard keyspace why do we need cluster? > For now the auth can just be > > public void authenticateUser(Map<String, String> credentials, String cluster, > String keyspace) throws ??? Again, cluster isn't necessary. (Any cassandra server is a member of exactly one cluster.) Otherwise, sounds good to me. -Jonathan
