[ 
https://issues.apache.org/jira/browse/CASSANDRA-17457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Miklosovic updated CASSANDRA-17457:
------------------------------------------
    Description: Implement CEP-24 as per 
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=228494146  
(was: Currently we can create a user with a very insecure password such as 'A'.

_CREATE ROLE coach WITH PASSWORD = 'A' AND LOGIN = true;_
 
As we can see, there are no restrictions on length, characters, etc. We should 
discuss and adopt some best practices in this area. A warning would be the 
preference instead of erroring out. Historically this has been left to be dealt 
with by LDAP or other auth systems so we can't error out.

Newcomers:
- We should add warnings when a weak password is provided on DCL CQL. The 
{{validate}} method looks like a good place at face value. Feel free to analyze 
and suggest otherwise. See {{ClientWarn}} usages for examples.
- We should add junit methods for the newly created warnings)

> CEP-24 - Password validation/generation
> ---------------------------------------
>
>                 Key: CASSANDRA-17457
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17457
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Feature/Authorization
>            Reporter: Berenguer Blasi
>            Assignee: Stefan Miklosovic
>            Priority: Normal
>              Labels: low-hanging-fruit
>             Fix For: 5.x
>
>
> Implement CEP-24 as per 
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=228494146



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
