[
https://issues.apache.org/jira/browse/CASSANDRA-16456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17525958#comment-17525958
]
Brian Houser commented on CASSANDRA-16456:
------------------------------------------
> Sorry, I am not getting this. I am not sure how it is done exactly on the
> code level right at the moment but I would say that this should be pretty
> transparent? Whatever properties there are specified in auth_provider, they
> are taken into account and then they are eventually replaced by whatever is
> in credentials. If there is a username property both in auth_provider section
> in cqlshrc and in the related section in credentials, the property in
> credentials overwrites / has precedence / shadows the one in cqlshrc.
Basically right now if you have an Auth_provider specified (other than
PlainTextAuthProvider), but specify username or password on the command line,
it will override the custom loading and return PlainTextAuthProvider with the
given username and password. This seemed to fit the original use case the best
and be what the documentation was guaranteeing, particularly as there was no
way to override the authprovider from the command line.
Would you rather I just pass the username and password to whatever
auth_provider is indicated, and if its not indicated just default to the
PlainTextAuthProvider?
> Add Plugin Support for CQLSH
> ----------------------------
>
> Key: CASSANDRA-16456
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16456
> Project: Cassandra
> Issue Type: New Feature
> Components: Tool/cqlsh
> Reporter: Brian Houser
> Assignee: Brian Houser
> Priority: Normal
> Labels: gsoc2021, mentor
> Time Spent: 2h 50m
> Remaining Estimate: 0h
>
> Currently the Cassandra drivers offer a plugin authenticator architecture for
> the support of different authentication methods. This has been leveraged to
> provide support for LDAP, Kerberos, and Sigv4 authentication. Unfortunately,
> cqlsh, the included CLI tool, does not offer such support. Switching to a new
> enhanced authentication scheme thus means being cut off from using cqlsh in
> normal operation.
> We should have a means of using the same plugins and authentication providers
> as the Python Cassandra driver.
> Here's a link to an initial draft of
> [CEP|https://docs.google.com/document/d/1_G-OZCAEmDyuQuAN2wQUYUtZBEJpMkHWnkYELLhqvKc/edit?usp=sharing].
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
