[
https://issues.apache.org/jira/browse/CASSANDRA-12076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15346126#comment-15346126
]
Sam Tunnicliffe commented on CASSANDRA-12076:
---------------------------------------------
It's generally a good principle to keep authentication error messages terse to
avoid leakage of potentially sensitive information. That said, I'm not against
this particular change as it isn't disclosing anything that the client didn't
already supply and it's broadly in line with what other DBs (MySQL, PostgreSQL,
MSSQL) do.
I'm not super keen though on just appending the {{- caused by user: foo}}
string to the existing messages. If we're going to change them we should make
them read properly, for example: {{User foo is invalid}}, {{Authentication
error for user foo}} etc.
Either way, it's going to break some dtests in {{auth_test.py}}, so they'll
need updating to consider the version when examining error responses.
> Add username to AuthenticationException messages
> ------------------------------------------------
>
> Key: CASSANDRA-12076
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12076
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Geoffrey Yu
> Assignee: Geoffrey Yu
> Priority: Trivial
> Attachments: 12076-trunk.txt
>
>
> When an {{AuthenticationException}} is thrown, there are a few places where
> the user that initiated the request is not included in the exception message.
> It can be useful to have this information included for logging purposes.