[ https://issues.apache.org/jira/browse/CASSANDRA-17457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Miklosovic updated CASSANDRA-17457:
------------------------------------------
    Description: Implement CEP-24 as per https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=228494146  (was: Currently we can create a user with a very insecure password such as 'A'.

_CREATE ROLE coach WITH PASSWORD = 'A' AND LOGIN = true;_

As we can see, there are no restrictions on length, characters, etc. We should discuss and adopt some best practices in this area. A warning would be the preference instead of erroring out. Historically this has been left to be dealt with by LDAP or other auth systems, so we can't error out.

Newcomers:
- We should add warnings when a weak password is provided on DCL CQL. The {{validate}} method looks like a good place at face value. Feel free to analyze and suggest otherwise. See {{ClientWarn}} usages for examples.
- We should add junit methods for the newly created warnings)

> CEP-24 - Password validation/generation
> ---------------------------------------
>
>                 Key: CASSANDRA-17457
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17457
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Feature/Authorization
>            Reporter: Berenguer Blasi
>            Assignee: Stefan Miklosovic
>            Priority: Normal
>              Labels: low-hanging-fruit
>             Fix For: 5.x
>
>
> Implement CEP-24 as per 
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=228494146