You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Sylvain Lebresne (JIRA)" <ji...@apache.org> on 2013/10/23 15:57:41 UTC

[jira] [Created] (CASSANDRA-6233) Authentication is broken for the protocol v1 on C* 2.0

Sylvain Lebresne created CASSANDRA-6233:
-------------------------------------------

             Summary: Authentication is broken for the protocol v1 on C* 2.0
                 Key: CASSANDRA-6233
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-6233
             Project: Cassandra
          Issue Type: Bug
            Reporter: Sylvain Lebresne
             Fix For: 2.0.3


CASSANDRA-5664 simplified the decoding method of CredentialsMessage by using CBUtil.readStringMap (instead of duplicating the code). Unfortunately, that latter method turns his keys to uppercase (to provide some form of case insensitivity for keys), and in the case of CredentialsMessage this breaks PasswordAuthenticator that expect lowercased keys (besides, it's a bad idea to mess up with the case of the credentials map in general).

Making CBUtil.readStringMap uppercase keys was probably a bad idea in the first place (as nothing in the method name imply this), so attaching patch that remove this (and uppercase keys specifically in StartupMessage where that was done on purpose).



--
This message was sent by Atlassian JIRA
(v6.1#6144)