[ https://issues.apache.org/jira/browse/CASSANDRA-16456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17515954#comment-17515954 ]
Stefan Miklosovic commented on CASSANDRA-16456: ----------------------------------------------- The solution proved itself to be working well with the custom 3rd party server implementations. My integration with, for example, Instaclustr Kerberos autheticator plugin (1) works with the following configuration in cqlshrc: {code} [AuthProvider] classname=SaslAuthProvider module=cassandra.auth [AuthProviderExtendedProperties] service = cassandra keytab=/etc/cassandra/cassandra.keytab mechanism = GSSAPI qop = auth {code} I am able to log in with a ticket granted without any password and it works as expected. I will take the second look at this from the code point of view the next week. Maybe [~bsong] or [~maulin.vasavada] would join me in this effort? I am still aiming to have this in 4.1, we have 1 month to deliver this as the freeze will occur at 1st May. The part of this ticket should be also updated documentation how to use this and how it works. It should be, prefferably, the part of this PR. (1) https://github.com/instaclustr/cassandra-kerberos > Add Plugin Support for CQLSH > ---------------------------- > > Key: CASSANDRA-16456 > URL: https://issues.apache.org/jira/browse/CASSANDRA-16456 > Project: Cassandra > Issue Type: New Feature > Components: Tool/cqlsh > Reporter: Brian Houser > Assignee: Brian Houser > Priority: Normal > Labels: gsoc2021, mentor > Time Spent: 10m > Remaining Estimate: 0h > > Currently the Cassandra drivers offer a plugin authenticator architecture for > the support of different authentication methods. This has been leveraged to > provide support for LDAP, Kerberos, and Sigv4 authentication. Unfortunately, > cqlsh, the included CLI tool, does not offer such support. Switching to a new > enhanced authentication scheme thus means being cut off from using cqlsh in > normal operation. > We should have a means of using the same plugins and authentication providers > as the Python Cassandra driver. > Here's a link to an initial draft of > [CEP|https://docs.google.com/document/d/1_G-OZCAEmDyuQuAN2wQUYUtZBEJpMkHWnkYELLhqvKc/edit?usp=sharing]. -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org