Once a connection is opened with credentials, then as long as I hold that 
connection open, I shouldn't need to pass auth checks with every transaction.

On the other hand, if there were a way to use a token in lieu of credentials, to 
provide SSO capabilities to any node, then I could see their use.  Checking 
whether a token exists in a local collection would be much faster than having 
to pass through an authentication/authorization framework.  However, as there's 
no way to ensure immediate consistency of tokens across all nodes, it's 
probably not worth the effort of making Cassandra "token aware", since an 
application would have to provide fall-back logic to authenticate with 
credentials, if the token fails.  So, tokens would probably just add complexity 
without much benefit. 

Robin.

-----Original Message-----
From: news [mailto:n...@ger.gmane.org] On Behalf Of Ted Zlatanov
Sent: December 2, 2009 2:28 PM
To: cassandra-user@incubator.apache.org
Subject: Re: Cassandra access control

On Wed, 2 Dec 2009 15:13:11 +0000 Mark Robson <mar...@gmail.com> wrote: 

MR> I'd be against moving to a stateful protocol.

Noted, I'd like to see some more votes.  I'm agnostic: I think it will
work fine either way.  Eric and Jonathan are definitely on the stateful
side so it's 2-1 right now.  I think Robin is also on the stateful side
from his earlier notes so it may be 3-1.

On Wed, 02 Dec 2009 11:59:56 -0600 Eric Evans <eev...@rackspace.com> wrote: 

EE> I'm thinking...

EE> void login(1:required string keyspace, 2:optional map<string, string>
EE> authentication) throws AuthenticationException, AuthorizationException

EE> You're always going to want the keyspace supplied, but depending on how
EE> the cluster is configured, you may not need anything else (so make the
EE> map the second argument, and make it optional).

I was going to use an empty map to signify no credentials.  Optional
works just as well.  Thus the Thrift definition is:

# invalid authentication request (user does not exist or credentials invalid)
exception AuthenticationException {
    1: required string why
}

# invalid authorization request (user does not have access to keyspace)
exception AuthorizationException {
    1: required string why
}

struct AuthenticationRequest {
    1: required map<string, string> credentials,
}

service Cassandra {
...
  void login(1: required string keyspace, 
             2: optional AuthenticationRequest auth_request) 
       throws (1:AuthenticationException aux, 2: AuthorizationException azx),
...
}

Ted
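The login() contract in the Thrift definition above, worked through as an added Python example (not Cassandra's code and not anything Ted or Robin posted): one login() per connection, an AuthenticationException when the user is unknown or the password is wrong, an AuthorizationException when the user exists but may not use the keyspace, and later requests served from the connection's state without touching credentials again. The in-memory user store with PBKDF2 verifiers, the sample user "alice", the "allow_anonymous" flag standing in for "depending on how the cluster is configured", and the rule that a request before login() is rejected are all assumptions of this example, not something the thread specifies.

```python
# Added example (not Cassandra's or the thread's code): a Python model of the stateful
# login() proposed above. Credentials are checked once per connection, nowhere else.
import hashlib
import hmac
import os
from dataclasses import dataclass

class AuthenticationException(Exception):
    """User does not exist or credentials are invalid."""

class AuthorizationException(Exception):
    """User exists but has no access to the requested keyspace."""

@dataclass(frozen=True)
class UserRecord:
    salt: bytes
    verifier: bytes        # PBKDF2 output stored instead of the password
    keyspaces: frozenset   # keyspaces this user may log in to

def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 50_000)

class AuthBackend:
    """Assumed in-memory user store standing in for whatever a cluster plugs in."""

    def __init__(self):
        self._users = {}

    def add_user(self, username, password, keyspaces):
        salt = os.urandom(16)
        self._users[username] = UserRecord(salt, _derive(password, salt), frozenset(keyspaces))

    def authenticate(self, credentials):
        username = credentials.get("username", "")
        password = credentials.get("password", "")
        record = self._users.get(username)
        if record is None:
            # Unknown user: derive anyway so timing does not reveal which users exist,
            # and report the same 'why' as for a bad password.
            _derive(password, bytes(16))
            raise AuthenticationException("invalid credentials")
        if not hmac.compare_digest(_derive(password, record.salt), record.verifier):
            raise AuthenticationException("invalid credentials")
        return username

    def authorize(self, username, keyspace):
        if keyspace not in self._users[username].keyspaces:
            raise AuthorizationException(f"{username} has no access to {keyspace}")

class Connection:
    """One client connection; login() is the only place credentials are examined."""

    def __init__(self, backend, allow_anonymous=False):
        self._backend = backend
        self._allow_anonymous = allow_anonymous  # "depending on how the cluster is configured"
        self.user = None
        self.keyspace = None

    def login(self, keyspace, auth_request=None):
        # auth_request mirrors the Thrift struct: {"credentials": {"username": ..., "password": ...}}
        credentials = (auth_request or {}).get("credentials") or {}
        if not credentials:
            if not self._allow_anonymous:
                raise AuthenticationException("credentials required")
            self.user, self.keyspace = None, keyspace
            return
        user = self._backend.authenticate(credentials)
        self._backend.authorize(user, keyspace)
        self.user, self.keyspace = user, keyspace  # state changes only after both checks pass

    def get(self, key):
        # A later request: no credential check, just the connection's state (assumed rule).
        if self.keyspace is None:
            raise AuthorizationException("login() required first")
        return f"{self.keyspace}:{key}"

def demo():
    """Exercise the outcomes with a constructed user; returns a name -> outcome map."""
    backend = AuthBackend()
    backend.add_user("alice", "correct horse", ["Keyspace1"])  # constructed sample user
    conn = Connection(backend)
    conn.login("Keyspace1", {"credentials": {"username": "alice", "password": "correct horse"}})
    results = {"alice_get": conn.get("row1")}  # served without re-authenticating
    for name, keyspace, creds in [
        ("bad_password", "Keyspace1", {"username": "alice", "password": "wrong"}),
        ("unknown_user", "Keyspace1", {"username": "mallory", "password": "wrong"}),
        ("wrong_keyspace", "Keyspace2", {"username": "alice", "password": "correct horse"}),
        ("no_credentials", "Keyspace1", {}),
    ]:
        try:
            Connection(backend).login(keyspace, {"credentials": creds})
            results[name] = "ok"
        except (AuthenticationException, AuthorizationException) as exc:
            results[name] = type(exc).__name__
    return results
```

Two details worth keeping if this shape is adopted: the single "invalid credentials" reason for both an unknown user and a bad password (plus the dummy key derivation) matches the exception comment "user does not exist or credentials invalid" and keeps login() from enumerating usernames, and the credentials map crosses the Thrift transport exactly as supplied, so protecting that transport is a separate job from this API.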
