[jira] (CASSANDRA-17457) CEP-24 - Password validation/generation

Fri, 28 Jun 2024 17:07:06 -0700 


    [ https://issues.apache.org/jira/browse/CASSANDRA-17457 ]


    Stefan Miklosovic deleted comment on CASSANDRA-17457:
    -----------------------------------------------

was (Author: smiklosovic):
Look, I think you are forgetting one important fact and that is that this 
feature is not enabled by default. We are not acting like we turned this on by 
default and by doing so we penalize Chinese. It is just the way how it is 
implemented, we are looking after fulfilling various classes of password 
"qualities" - lower / upper case, special chars and numbers. In order to 
support that for Chinese, somebody would need to come to the plugin and say: 
'these characters are considered to be upper case in Chinese and these 
characters are considered to be lower case in Chinese" - there are no "upper 
and lower case characters" in Chinese at all - so the way how it is implemented 
can not support the Chinese characters AT ALL and probably never will so your 
"problem" basically does not exist. 

If Chinese want to have their password validator, they would need to come up 
with their own. We are not going to support absolutely every language which is 
in existence "because". I do not want to discriminate anybody but this is 
clearly a requirement I am not able to deliver even I try.

1) we can not do that, because a password might in theory consist of multiple 
languages and we would need to know full character set of each language we are 
going to support. 

It _is_ supporting unicode characters. It is about fulfilling, as I mentioned, 
various character classes, if you do "a棚4$.N;Sas4#" (for example), this will be 
valid password, it is just "棚" is not going to fall in any "lower/upper case, 
number special char" category - it will basically contribute only to the 
"lenght" constraint we require. 

> CEP-24 - Password validation/generation
> ---------------------------------------
>
>                 Key: CASSANDRA-17457
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17457
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Feature/Authorization
>            Reporter: Berenguer Blasi
>            Assignee: Stefan Miklosovic
>            Priority: Normal
>             Fix For: 5.x
>
>
> Implement CEP-24 as per 
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=228494146



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to