Custom Authentication with Cassandra

[Chandrasekhar M <ch...@impetus.co.in>]

Hi,

We are trying out Custom Authentication  (with Database) with Cassandra, by implementing IAuthenticator interface. We are storing the following details in a properties file and passing the location of the properties file as a startup parameter to Cassandra

1.       DB URL

2.       DB User Name

3.       DB Password

4.       JDBC Driver class

5.       Table name containing the userid,password.

When a user logs in, we are validating against the data stored in the database. Currently we are storing the userid/password in the database in plain text.

We are facing one issue with this approach, ie, we are not able to restrict the access for user with blank user name and password (default user).

If one logs into the client (Cassandra Cli) without a userid or password, an exception is thrown, but login happens into the shell as default@unknown.

Is there a way to restrict this  ? or this is the expected behavior ?

Thanks in Advance.
Chandra


________________________________

Register for Impetus Webinar on 'Device Side Performance Optimization of Mobile Apps', July 08 (10:00 am Pacific Time). Impetus is presenting a Cassandra case study on July 11 as a sponsor for Cassandra SF 2011 in San Francisco.

Click http://www.impetus.com to know more. Follow us on www.twitter.com/impetuscalling


NOTE: This message may contain information that is confidential, proprietary, privileged or otherwise protected by law. The message is intended solely for the named addressee. If received in error, please destroy and notify the sender. Any use of this email is prohibited when received in error. Impetus does not represent, warrant and/or guarantee, that the integrity of this communication has been maintained nor that the communication is free of errors, virus, interception or interference.

Re: Custom Authentication with Cassandra

[Jonathan Ellis <jb...@gmail.com>]

It lets you insert data as if you were authorized?

On Tue, Jul 19, 2011 at 2:55 PM, Chandrasekhar M
<ch...@impetus.co.in> wrote:
> Hi,
>
> Appears to me that the CLI allows login even though there is an authentication exception.
>
> At that point there is actually no user id/pwd, ie, both are empty strings.
>
> If necessary, I can send the code, I am using for the CustomAuthentication.
>
> Regards
> Chandra
>
> -----Original Message-----
> From: Jonathan Ellis [mailto:jbellis@gmail.com]
> Sent: Tuesday, July 19, 2011 8:33 PM
> To: user@cassandra.apache.org
> Subject: Re: Custom Authentication with Cassandra
>
> On Tue, Jul 19, 2011 at 5:50 AM, Chandrasekhar M <ch...@impetus.co.in> wrote:
>> If one logs into the client (Cassandra Cli) without a userid or
>> password, an exception is thrown, but login happens into the shell as default@unknown.
>
> Are you really authenticated at that point or does the cli just not know how to deal w/ auth failure?
>
> --
> Jonathan Ellis
> Project Chair, Apache Cassandra
> co-founder of DataStax, the source for professional Cassandra support http://www.datastax.com
>
> ________________________________
>
> Register for Impetus Webinar on ‘Device Side Performance Optimization of Mobile Apps’, July 08 (10:00 am Pacific Time). Impetus is presenting a Cassandra case study on July 11 as a sponsor for Cassandra SF 2011 in San Francisco.
>
> Click http://www.impetus.com to know more. Follow us on www.twitter.com/impetuscalling
>
>
> NOTE: This message may contain information that is confidential, proprietary, privileged or otherwise protected by law. The message is intended solely for the named addressee. If received in error, please destroy and notify the sender. Any use of this email is prohibited when received in error. Impetus does not represent, warrant and/or guarantee, that the integrity of this communication has been maintained nor that the communication is free of errors, virus, interception or interference.
>



-- 
Jonathan Ellis
Project Chair, Apache Cassandra
co-founder of DataStax, the source for professional Cassandra support
http://www.datastax.com

RE: Custom Authentication with Cassandra

[Chandrasekhar M <ch...@impetus.co.in>]

Hi,

Appears to me that the CLI allows login even though there is an authentication exception.

At that point there is actually no user id/pwd, ie, both are empty strings.

If necessary, I can send the code, I am using for the CustomAuthentication.

Regards
Chandra

-----Original Message-----
From: Jonathan Ellis [mailto:jbellis@gmail.com]
Sent: Tuesday, July 19, 2011 8:33 PM
To: user@cassandra.apache.org
Subject: Re: Custom Authentication with Cassandra

On Tue, Jul 19, 2011 at 5:50 AM, Chandrasekhar M <ch...@impetus.co.in> wrote:
> If one logs into the client (Cassandra Cli) without a userid or
> password, an exception is thrown, but login happens into the shell as default@unknown.

Are you really authenticated at that point or does the cli just not know how to deal w/ auth failure?

--
Jonathan Ellis
Project Chair, Apache Cassandra
co-founder of DataStax, the source for professional Cassandra support http://www.datastax.com

________________________________

Register for Impetus Webinar on ‘Device Side Performance Optimization of Mobile Apps’, July 08 (10:00 am Pacific Time). Impetus is presenting a Cassandra case study on July 11 as a sponsor for Cassandra SF 2011 in San Francisco.

Click http://www.impetus.com to know more. Follow us on www.twitter.com/impetuscalling


NOTE: This message may contain information that is confidential, proprietary, privileged or otherwise protected by law. The message is intended solely for the named addressee. If received in error, please destroy and notify the sender. Any use of this email is prohibited when received in error. Impetus does not represent, warrant and/or guarantee, that the integrity of this communication has been maintained nor that the communication is free of errors, virus, interception or interference.

Re: Custom Authentication with Cassandra

[Jonathan Ellis <jb...@gmail.com>]

On Tue, Jul 19, 2011 at 5:50 AM, Chandrasekhar M
<ch...@impetus.co.in> wrote:
> If one logs into the client (Cassandra Cli) without a userid or password, an
> exception is thrown, but login happens into the shell as default@unknown.

Are you really authenticated at that point or does the cli just not
know how to deal w/ auth failure?

-- 
Jonathan Ellis
Project Chair, Apache Cassandra
co-founder of DataStax, the source for professional Cassandra support
http://www.datastax.com