bowensong opened a new pull request #1220: URL: https://github.com/apache/cassandra/pull/1220
This PR is for [CASSANDRA-16983](https://issues.apache.org/jira/browse/CASSANDRA-16983).

Changes made:

* Warn the user if a password is given in the command line, and recommend them to use a credential file instead
* Warn the user if password is present in the cqlshrc file and the cqlshrc file is not secure (e.g.: world readable or owned by a different user). The username and password from the cqlshrc file are still accepted.
* Deprecate username and password in the cqlshrc file, and recommend the user to move them to a separate credential file. The username and password from the cqlshrc file are still accepted.
* Reject the credentials file if it's not secure, and tell the user how to secure it.
* Updated the documents
* Updated the sample cqlshrc file, and added a sample credentials file
* Removed redundant `+` operators between string literals, and fixed a bug when `~/.cqlshrc` and `~/.cassandra/cqlshrc` both exist, the warning text is shown incorrectly (this is not a part of [CASSANDRA-16983](https://issues.apache.org/jira/browse/CASSANDRA-16983), but I discovered and fixed the bug while I was working on it)

The credentials file intentionally chooses to use the section name `plain_text_auth` instead of the old generic `authentication` in the cqlshrc file. This allows future expansion for supporting other authentication methods.
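The credentials-file rejection described in the pull request above, sketched as an added example (this is not code from the PR or from Apache Cassandra). The function names, the `username`/`password` key names, the `chmod 600` hint and the exact rule (owned by the current user, no group or other permission bits) are assumptions; it targets POSIX systems.

```python
import configparser
import os
import stat
import tempfile

SAMPLE = "[plain_text_auth]\nusername = alice\npassword = constructed-secret\n"  # constructed

class InsecureCredentialsFile(Exception):
    """The file's owner or mode lets someone else read the password."""

def insecurity_reasons(st):
    """Return why a stat result is unsafe; an empty list means acceptable."""
    reasons = []
    if st.st_uid != os.getuid():
        reasons.append("owned by uid %d, not the current user" % st.st_uid)
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        reasons.append("mode %03o grants group/other access" % stat.S_IMODE(st.st_mode))
    return reasons

def load_plain_text_auth(path):
    """Return (username, password); refuse to parse an insecure file."""
    # Open first, then fstat the descriptor, so the file that was checked is
    # the file that is read (no check-then-open race, no symlink following).
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "r") as handle:
        reasons = insecurity_reasons(os.fstat(fd))
        if reasons:
            raise InsecureCredentialsFile(
                "%s rejected (%s); try: chmod 600 %s" % (path, "; ".join(reasons), path))
        parser = configparser.ConfigParser(interpolation=None)
        parser.read_file(handle)
    section = parser["plain_text_auth"]
    return section["username"], section["password"]

def demo():
    """Load the constructed sample at mode 0600, then again at mode 0644."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "credentials")
        with open(path, "w") as out:
            out.write(SAMPLE)
        os.chmod(path, 0o600)
        accepted = load_plain_text_auth(path)
        os.chmod(path, 0o644)
        try:
            load_plain_text_auth(path)
        except InsecureCredentialsFile as exc:
            return accepted, str(exc)
    return accepted, None
```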

