LDAP is the plan, though, there needs to be support for ssl and tls, at
> a minimum.
>
> Robin.
>
> -Original Message-
> From: Jonathan Ellis [mailto:jbel...@gmail.com]
> Sent: November 12, 2009 11:11 AM
> To: cassandra-user@incubator.apache.org
> Subject: Re: Cassandra
On Nov 12, 2009, at 9:12 AM, Jonathan Ellis wrote:
2009/11/12 Ted Zlatanov :
On Wed, 11 Nov 2009 16:14:09 -0800 Anthony Molinaro > wrote:
The client will login with a Map of login tokens and
get
an auth token (probably a String containing a UUID) back. The token
will be valid for the dura
nimum.
Robin.
-Original Message-
From: Jonathan Ellis [mailto:jbel...@gmail.com]
Sent: November 12, 2009 11:11 AM
To: cassandra-user@incubator.apache.org
Subject: Re: Cassandra access control (was: bandwidth limiting Cassandra's
replication and access control)
2009/11/12 Ted Zlatanov :
&
2009/11/12 Ted Zlatanov :
> It sounds like JAAS is a bad idea. I'll use a modular auth system then,
> with two simple implementations (XML file and LDAP) at first. The XML
> file will hold account passwords (one-way hashed) and authorizations.
wouldn't it be simpler to just put the password hash
On Thu, 12 Nov 2009 07:28:29 -0800 "Coe, Robin" wrote:
CR> I'm not sure JAAS is the way to go when implementing a performant
CR> authentication/authorization service. This is what threw me off in
CR> the first place.
OK.
CR> So, my concern is, and has been since this discussion started, is
CR
2009/11/12 Ted Zlatanov :
> On Wed, 11 Nov 2009 23:11:53 -0600 (CST) "Stu Hood"
> wrote:
>
> SH> Would you mind creating a ticket for this issue in JIRA? A lot of
> SH> discussion has gone on, and a place to collect the design and
> SH> feedback would be a good start.
>
> I can, but I'd like to a
On Wed, 11 Nov 2009 23:11:53 -0600 (CST) "Stu Hood"
wrote:
SH> Would you mind creating a ticket for this issue in JIRA? A lot of
SH> discussion has gone on, and a place to collect the design and
SH> feedback would be a good start.
I can, but I'd like to at least have a consensus with Jonathan
On Wed, 11 Nov 2009 14:59:04 -0800 "Coe, Robin" wrote:
CR> Java's policy manager controls access to environment variables and
CR> code execution. All a JAAS service provides is a hook to pass a
CR> user's principal to the security manager. So, the only
CR> authorization you can provide at that
2009/11/12 Ted Zlatanov :
> On Wed, 11 Nov 2009 16:14:09 -0800 Anthony Molinaro
> wrote:
>
> AM> How will authentication work with non-java clients? I don't think thrift
> AM> itself has authentication built in, and it sounds like a java library is
> AM> being proposed for the guts. Will it sti
On Wed, 11 Nov 2009 16:14:09 -0800 Anthony Molinaro
wrote:
AM> How will authentication work with non-java clients? I don't think thrift
AM> itself has authentication built in, and it sounds like a java library is
AM> being proposed for the guts. Will it still be possible to connect from
AM> a
10 matches
Mail list logo
