[
https://issues.apache.org/jira/browse/CASSANDRA-16456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518442#comment-17518442
]
Brian Houser commented on CASSANDRA-16456:
------------------------------------------
>Yes, please change it to auth_provider_config.
Done and updated.
> I do not think there is any other case where we are overriding stuff in
> cqlshrc by the command line arguments.
Hmm the function `read_options` in cqlsh.py is designed to do precisely this.
It combines the parsing of the cqlshrc file with the commandline argument parse
so that the override is standardized. Most properties on the commandline can
be specified in the cqlshrc, and can be overriden. Particularly things
security related such as username and password, as well as some elements like
--ssl, color, etc.
> I am sorry we are returning to this but it is rather suspicious to have a new
> set of flags for cqlsh dealing with auth provider stuff in particular.
What I was basically thinking was that it would be useful/necessary to be able
to specify different properties, particularly for something a bit more
cumbersome to setup (such as a custom auth provider). providing properties via
the command line would enable you to specify the mechanics in the cqlshrc file
(the module and class) and override things like the particular user you are
authing as (to quickly switch). My model for this how the existing tool
handles plain text authentication. Allowing it both in a properties file, or
being able to override at the command line.
I can remove the flags in the short term, and we can revisit including them if
so desired in another JIRA.
> Add Plugin Support for CQLSH
> ----------------------------
>
> Key: CASSANDRA-16456
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16456
> Project: Cassandra
> Issue Type: New Feature
> Components: Tool/cqlsh
> Reporter: Brian Houser
> Assignee: Brian Houser
> Priority: Normal
> Labels: gsoc2021, mentor
> Time Spent: 50m
> Remaining Estimate: 0h
>
> Currently the Cassandra drivers offer a plugin authenticator architecture for
> the support of different authentication methods. This has been leveraged to
> provide support for LDAP, Kerberos, and Sigv4 authentication. Unfortunately,
> cqlsh, the included CLI tool, does not offer such support. Switching to a new
> enhanced authentication scheme thus means being cut off from using cqlsh in
> normal operation.
> We should have a means of using the same plugins and authentication providers
> as the Python Cassandra driver.
> Here's a link to an initial draft of
> [CEP|https://docs.google.com/document/d/1_G-OZCAEmDyuQuAN2wQUYUtZBEJpMkHWnkYELLhqvKc/edit?usp=sharing].
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
