Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-19946

Allow configuration parameters for IAuthorizer, INetworkAuthorizer, and IRoleManager

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • 5.0.2, 5.1
    • Feature/Authorization
    • None
    • Operability
    • Low Hanging Fruit
    • All
    • None
    • Hide

      Changes enable parameters for custom authorization implementations. Default auth implementations are unchanged.

      Show
      Changes enable parameters for custom authorization implementations. Default auth implementations are unchanged.

    Description

      The implementation of custom authentication / authorization can be achieved by implementing IAuthenticator, IAuthorizer, IRoleManager, and other interfaces and configured in cassandra.yaml.

      IAuthenticator implementations, for instance, can additionally read extra configuration parameters via a map of strings defined in cassandra.yaml.

      Examples of valid configurations are:

      authenticator: com.example.auth.CustomAuthenticator

      or

      authenticator:
  class_name : com.example.auth.CustomAuthenticator
  parameters :
    param1 : value1
    param2 : value2

      This enables a C* admin to conveniently define and parameterize it's own custom Authenticator directly in cassandra.yaml.

      This parameterization is currently enabled for Authenticator and CIDRAuthorizer implementations only and is missing for Authorizer, RoleManager, and NetworkAuthorizer.

      To enable a C* admin to set and parameterize custom authentication/authorization implementations we should enable parametrization of all Authorizer, RoleManager, and NetworkAuthorizer implementations. This can be achieved by instantiating all auth-related implementations via ParameterizedClass.

      From an user point of view, configuring existent authenticators/authorizators will have no visible changes.

      Attachments

        1. CASSANDRA-19946_trunk_49_ci_summary.html
          2.12 MB
          Michael Semb Wever
        2. CASSANDRA-19946_trunk_49_results_details.tar.xz
          2.89 MB
          Michael Semb Wever
        3. ci_summary.html
          1.01 MB
          Tiago L. Alves
        4. results_details.tar.xz
          1.42 MB
          Tiago L. Alves

        Issue Links

          is related to

          Task - A task that needs to be done. CASSANDRA-20002 Add latest test config for dynamic_remote batchlog_endpoint_strategy and new auth parameterizedClass maps

          • Normal -
          • Resolved
          links to

          Web Link GitHub Pull Request #3564

          Web Link GitHub Pull Request #3600

          Activity

            People

              tiagomlalves Tiago L. Alves
              tiagomlalves Tiago L. Alves
              Tiago L. Alves
              Michael Semb Wever, Stefan Miklosovic
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 6.5h
                  6.5h