[jira] [Commented] (CASSANDRA-19946) Allow configuration parameters for IAuthorizer, INetworkAuthorizer, and IRoleManager

Fri, 04 Oct 2024 05:16:06 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-19946?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886894#comment-17886894
 ] 

Michael Semb Wever commented on CASSANDRA-19946:
------------------------------------------------

+1 on 5.0 patch and test results.  I am keen to see the trunk patch, there all 
the yaml changes can be done.

> Allow configuration parameters for IAuthorizer, INetworkAuthorizer, and 
> IRoleManager
> ------------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-19946
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-19946
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Feature/Authorization
>            Reporter: Tiago L. Alves
>            Assignee: Tiago L. Alves
>            Priority: Normal
>             Fix For: 5.0.x, 5.x
>
>         Attachments: ci_summary.html, results_details.tar.xz
>
>          Time Spent: 5h 20m
>  Remaining Estimate: 0h
>
> The implementation of custom authentication / authorization can be achieved 
> by implementing {{{}IAuthenticator{}}}, {{{}IAuthorizer{}}}, 
> {{{}IRoleManager{}}}, and other interfaces and configured in 
> {{{}cassandra.yaml{}}}.
> {{IAuthenticator}} implementations, for instance, can additionally read extra 
> configuration parameters via a map of strings defined in 
> {{{}cassandra.yaml{}}}.
> Examples of valid configurations are:
> {code:java}
> authenticator: com.example.auth.CustomAuthenticator{code}
> or
> {code:java}
> authenticator:
>   class_name : com.example.auth.CustomAuthenticator
>   parameters :
>     param1 : value1
>     param2 : value2{code}
> This enables a C* admin to conveniently define and parameterize it's own 
> custom Authenticator directly in {{{}cassandra.yaml{}}}.
> This parameterization is currently enabled for {{Authenticator}} and 
> {{CIDRAuthorizer}} implementations only and is missing for 
> {{{}Authorizer{}}}, {{{}RoleManager{}}}, and {{NetworkAuthorizer.}}
> To enable a C* admin to set and parameterize custom 
> authentication/authorization implementations we should enable parametrization 
> of all {{{}Authorizer{}}}, {{{}RoleManager{}}}, and {{NetworkAuthorizer}} 
> implementations. This can be achieved by instantiating all auth-related 
> implementations via {{{}ParameterizedClass{}}}.
> From an user point of view, configuring existent authenticators/authorizators 
> will have no visible changes.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to