Cassandra
  1. Cassandra
  2. CASSANDRA-5144

Validate login for Thrift describe_keyspace, describe_keyspaces and set_keyspace methods

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Fix Version/s: 1.2.1
    • Component/s: None
    • Labels:
      None

      Description

      Not validating login leaks info about keyspaces and columnfamilies if the configured authenticator requires validation.

      This change does not affect AllowAllAuthenticator, but if an implementation forbids anonymous access, we should deny this information to unauthenticated users.

      1. 5144.txt
        3 kB
        Aleksey Yeschenko

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Patch Available Patch Available
        38s 1 Aleksey Yeschenko 10/Jan/13 21:48
        Patch Available Patch Available Resolved Resolved
        2h 18m 1 Aleksey Yeschenko 11/Jan/13 00:06
        Gavin made changes -
        Workflow patch-available, re-open possible [ 12753781 ] reopen-resolved, no closed status, patch-avail, testing [ 12758965 ]
        Gavin made changes -
        Workflow no-reopen-closed, patch-avail [ 12745461 ] patch-available, re-open possible [ 12753781 ]
        Aleksey Yeschenko made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Hide
        Aleksey Yeschenko added a comment - - edited

        Can't use Thrift

        {Authentication,Authorization}Exception

        without breaking thrift interface.

        Committed with changes: removed the conversion method from ThriftConversion.

        Thanks.

        Show
        Aleksey Yeschenko added a comment - - edited Can't use Thrift {Authentication,Authorization}Exception without breaking thrift interface. Committed with changes: removed the conversion method from ThriftConversion. Thanks.
        Hide
        Jonathan Ellis added a comment -

        Thrift has AuthenticationException and AuthorizationException instead of IRE. Otherwise +1

        Show
        Jonathan Ellis added a comment - Thrift has AuthenticationException and AuthorizationException instead of IRE. Otherwise +1
        Aleksey Yeschenko made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Aleksey Yeschenko made changes -
        Field Original Value New Value
        Attachment 5144.txt [ 12564274 ]
        Aleksey Yeschenko created issue -

          People

          • Assignee:
            Aleksey Yeschenko
            Reporter:
            Aleksey Yeschenko
            Reviewer:
            Jonathan Ellis
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development