Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-5144

Validate login for Thrift describe_keyspace, describe_keyspaces and set_keyspace methods

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Trivial
    • Resolution: Fixed
    • Fix Version/s: 1.2.1
    • Component/s: None
    • Labels:
      None

      Description

      Not validating login leaks info about keyspaces and columnfamilies if the configured authenticator requires validation.

      This change does not affect AllowAllAuthenticator, but if an implementation forbids anonymous access, we should deny this information to unauthenticated users.

      1. 5144.txt
        3 kB
        Aleksey Yeschenko

        Activity

        Hide
        jbellis Jonathan Ellis added a comment -

        Thrift has AuthenticationException and AuthorizationException instead of IRE. Otherwise +1

        Show
        jbellis Jonathan Ellis added a comment - Thrift has AuthenticationException and AuthorizationException instead of IRE. Otherwise +1
        Hide
        iamaleksey Aleksey Yeschenko added a comment - - edited

        Can't use Thrift

        {Authentication,Authorization}Exception

        without breaking thrift interface.

        Committed with changes: removed the conversion method from ThriftConversion.

        Thanks.

        Show
        iamaleksey Aleksey Yeschenko added a comment - - edited Can't use Thrift {Authentication,Authorization}Exception without breaking thrift interface. Committed with changes: removed the conversion method from ThriftConversion. Thanks.

          People

          • Assignee:
            iamaleksey Aleksey Yeschenko
            Reporter:
            iamaleksey Aleksey Yeschenko
            Reviewer:
            Jonathan Ellis
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development