Re: custom validation before replication
What you're wanting really isn't supported/available, but you could probably extend Cassandra to do this with some work.

Doing this at replication time is the wrong point, though - you want to do it before the mutation is applied locally, so triggers are still the closest to the right point as it exists now. If you let it apply locally and then try to stop replication, you'll have to also fight:

- Commitlog replay
- Read repair / consistency levels
- Antientropy repair
- Hints

etc

On Thu, Nov 16, 2017 at 1:36 PM, Abdelkrim Fitouri wrote:

> ok please find below an example:
>
> Let's suppose that I have a Cassandra cluster of 4 nodes / one DC / replication factor = 4, so in this architecture I have one full copy of the data on each node.
>
> Imagine now that one node has been hacked and in some way with full access to cqlsh session, if data is changed on that node, data will be changed on the three other, am I right?
>
> Imagine now that I am able to know (using cryptographic bases) if one column was modified by my API ( => normal way) or not ( => suspicious way), and I want to execute this check function just before any replication of a keyspace to avoid that all the replica will be affected by that and so a rollback will be not easy and the integrity of all the system will be down, the check will for example kill the local Cassandra service ...
>
> Hope that my question is more clear now.
>
> Many thanks for any help.
>
> 2017-11-16 21:59 GMT+01:00 Nate McCall:
>
> > On Fri, Nov 17, 2017 at 9:11 AM, Abdelkrim Fitouri wrote:
> > > Trigger does not resolve my problem because it is not a format validation issue but an integrity constraint ...
> > >
> > > My purpose is to check data integrity before replication, by returning an error and killing the service, so I am killing the node that is supposed to replicate data after a write action ...
> >
> > I'm a little confused. Can you provide some specific examples of your requirements?
> >
> > To unsubscribe, e-mail: dev-unsubscr...@cassandra.apache.org
> > For additional commands, e-mail: dev-h...@cassandra.apache.org
>
> --
> Cordialement / Best Regards.
> *Abdelkarim FITOURI*
> LPIC/CEH/ITIL
> System And Security Engineer
Re: custom validation before replication
Looks like you've got this thread going on the user & dev ML. This list is the dev one, and is meant for discussion of the Cassandra project. Would everyone mind replying to the thread of the same name on the user list instead?

> On Nov 16, 2017, at 1:36 PM, Abdelkrim Fitouri wrote:
>
> ok please find below an example:
>
> Let's suppose that I have a Cassandra cluster of 4 nodes / one DC / replication factor = 4, so in this architecture I have one full copy of the data on each node.
>
> Imagine now that one node has been hacked and in some way with full access to cqlsh session, if data is changed on that node, data will be changed on the three other, am I right?
>
> Imagine now that I am able to know (using cryptographic bases) if one column was modified by my API ( => normal way) or not ( => suspicious way), and I want to execute this check function just before any replication of a keyspace to avoid that all the replica will be affected by that and so a rollback will be not easy and the integrity of all the system will be down, the check will for example kill the local Cassandra service ...
>
> Hope that my question is more clear now.
>
> Many thanks for any help.
>
> 2017-11-16 21:59 GMT+01:00 Nate McCall:
>
>> On Fri, Nov 17, 2017 at 9:11 AM, Abdelkrim Fitouri wrote:
>>> Trigger does not resolve my problem because it is not a format validation issue but an integrity constraint ...
>>>
>>> My purpose is to check data integrity before replication, by returning an error and killing the service, so I am killing the node that is supposed to replicate data after a write action ...
>>
>> I'm a little confused. Can you provide some specific examples of your requirements?
>
> --
> Cordialement / Best Regards.
> *Abdelkarim FITOURI*
> LPIC/CEH/ITIL
> System And Security Engineer
Re: custom validation before replication
ok please find below an example:

Let's suppose that I have a Cassandra cluster of 4 nodes / one DC / replication factor = 4, so in this architecture I have one full copy of the data on each node.

Imagine now that one node has been hacked and in some way with full access to cqlsh session, if data is changed on that node, data will be changed on the three other, am I right?

Imagine now that I am able to know (using cryptographic bases) if one column was modified by my API ( => normal way) or not ( => suspicious way), and I want to execute this check function just before any replication of a keyspace to avoid that all the replica will be affected by that and so a rollback will be not easy and the integrity of all the system will be down, the check will for example kill the local Cassandra service ...

Hope that my question is more clear now.

Many thanks for any help.

2017-11-16 21:59 GMT+01:00 Nate McCall:

> On Fri, Nov 17, 2017 at 9:11 AM, Abdelkrim Fitouri wrote:
> > Trigger does not resolve my problem because it is not a format validation issue but an integrity constraint ...
> >
> > My purpose is to check data integrity before replication, by returning an error and killing the service, so I am killing the node that is supposed to replicate data after a write action ...
>
> I'm a little confused. Can you provide some specific examples of your requirements?

--
Cordialement / Best Regards.
*Abdelkarim FITOURI*
LPIC/CEH/ITIL
System And Security Engineer
RE: custom validation before replication
Trigger does not resolve my problem because it is not a format validation issue but an integrity constraint ...

My purpose is to check data integrity before replication, by returning an error and killing the service, so I am killing the node that is supposed to replicate data after a write action ...

Does that seem possible?

Many thanks.

On 16 Nov 2017 18:53, "Jacques-Henri Berthemet" <jacques-henri.berthe...@genesys.com> wrote:

Hi,

You can't prevent the replication because if you manage to return a failure the other node will keep trying to send the data. What would be more relevant is to prevent the modification in the first place.

You could try to implement a custom trigger and load it in Cassandra:
http://cassandra.apache.org/doc/latest/cql/triggers.html
https://github.com/apache/cassandra/tree/cassandra-3.11/examples/triggers

In your trigger implementation, you'll need to validate the data and throw an exception if it does not meet your security settings. However, I don't think you'll have access to the current username/role at this level.

It may be simpler for you to work with regular authentication and roles:
http://cassandra.apache.org/doc/latest/cql/security.html

Regards,
--
Jacques-Henri Berthemet

-----Original Message-----
From: Abdelkrim Fitouri [mailto:abdou@gmail.com]
Sent: Thursday, 16 November 2017 18:31
To: dev@cassandra.apache.org
Subject: custom validation before replication

Hi,

I have some security constraint on a project, and I need to validate or invalidate changes made on a keyspace via cql or via other ways before replication.

For example in the case of multinode cluster with replication, if data was changed locally using cqlsh, data will be replicated (that is normal working way for Cassandra).

Is there a possibility to call a custom validation function just before data replication?

Many thanks for any help.

--
Best Regards.
Re: custom validation before replication
Going to hate myself for this, but check out the trigger interface.

https://github.com/apache/cassandra/blob/cassandra-3.0/src/java/org/apache/cassandra/triggers/ITrigger.java

Pay attention to the note that says the API is in beta and subject to change. It's had that note for many years, which is an indication of how infrequently anyone uses triggers.

On Thu, Nov 16, 2017 at 9:31 AM, Abdelkrim Fitouri wrote:

> Hi,
>
> I have some security constraint on a project, and I need to validate or invalidate changes made on a keyspace via cql or via other ways before replication.
>
> For example in the case of multinode cluster with replication, if data was changed locally using cqlsh, data will be replicated (that is normal working way for Cassandra).
>
> Is there a possibility to call a custom validation function just before data replication?
>
> Many thanks for any help.
>
> --
> Best Regards.
RE: custom validation before replication
Hi,

You can't prevent the replication because if you manage to return a failure the other node will keep trying to send the data. What would be more relevant is to prevent the modification in the first place.

You could try to implement a custom trigger and load it in Cassandra:
http://cassandra.apache.org/doc/latest/cql/triggers.html
https://github.com/apache/cassandra/tree/cassandra-3.11/examples/triggers

In your trigger implementation, you'll need to validate the data and throw an exception if it does not meet your security settings. However, I don't think you'll have access to the current username/role at this level.

It may be simpler for you to work with regular authentication and roles:
http://cassandra.apache.org/doc/latest/cql/security.html

Regards,
--
Jacques-Henri Berthemet

-----Original Message-----
From: Abdelkrim Fitouri [mailto:abdou@gmail.com]
Sent: Thursday, 16 November 2017 18:31
To: dev@cassandra.apache.org
Subject: custom validation before replication

Hi,

I have some security constraint on a project, and I need to validate or invalidate changes made on a keyspace via cql or via other ways before replication.

For example in the case of multinode cluster with replication, if data was changed locally using cqlsh, data will be replicated (that is normal working way for Cassandra).

Is there a possibility to call a custom validation function just before data replication?

Many thanks for any help.

--
Best Regards.
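
The kind of check this thread discusses (a cryptographic test of whether a column value was written through the application's API, evaluated before a mutation is accepted), sketched as an added example that is not part of any post and is not Cassandra project code. It uses only the JDK; the class name `CellIntegrity`, the table, key and column names and the secret are assumptions, and no Cassandra API is called.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added example (hypothetical class, JDK only): HMAC tag binding a cell value to its table, key and column.
public final class CellIntegrity {
    private final SecretKeySpec key;

    public CellIntegrity(byte[] secret) {
        this.key = new SecretKeySpec(secret, "HmacSHA256");
    }

    // Computed by the trusted API before it issues the write; stored next to the value.
    public byte[] tag(String table, String partitionKey, String column, byte[] value)
            throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(key);
        byte[][] fields = {
            table.getBytes(StandardCharsets.UTF_8),
            partitionKey.getBytes(StandardCharsets.UTF_8),
            column.getBytes(StandardCharsets.UTF_8),
            value };
        for (byte[] field : fields) {
            // Length prefix keeps ("ab","c") and ("a","bc") from producing the same input.
            mac.update(ByteBuffer.allocate(4).putInt(field.length).array());
            mac.update(field);
        }
        return mac.doFinal();
    }

    // Constant-time comparison; false means the cell did not come through the API.
    public boolean verify(String table, String partitionKey, String column,
                          byte[] value, byte[] storedTag) throws GeneralSecurityException {
        return MessageDigest.isEqual(tag(table, partitionKey, column, value), storedTag);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data; table, key and column names are assumptions.
        CellIntegrity ci = new CellIntegrity("demo-secret".getBytes(StandardCharsets.UTF_8));
        byte[] v = "100.00".getBytes(StandardCharsets.UTF_8);
        byte[] t = ci.tag("accounts", "user-42", "balance", v);
        System.out.println("written by API:           " + ci.verify("accounts", "user-42", "balance", v, t));
        System.out.println("value edited, old tag:    " + ci.verify("accounts", "user-42", "balance",
                "999999.00".getBytes(StandardCharsets.UTF_8), t));
        System.out.println("pair copied to other row: " + ci.verify("accounts", "user-7", "balance", v, t));
    }
}
```

Binding the table, key and column into the tag is what makes the copied pair fail; an old value with its old tag would still verify, so a version or write timestamp has to be one of the tagged fields if rollback matters. The check only means something while the secret stays off any host an intruder could reach, so a node that holds the key for its own validation cannot vouch for its own writes.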