[
https://issues.apache.org/jira/browse/CASSANDRA-16456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17522859#comment-17522859
]
Brian Houser commented on CASSANDRA-16456:
------------------------------------------
Ok I updated this to make PlainTextAuthProvider work transparently with the new
auth provider process.
AuthProviders now only read a single key [auth_provider] in the cqlshrc file
(instead of [auth_provider_config]), and will read the credentials file under
the name of the class (example: [PlainTextAuthProvider]).
If we are using legacy elements (passing a username or a password, or using
older authentication properties, etc), it will handle things in the old way
rather than load a non PlainText auth provider. If you specify
PlainTextAuthProvider explicitly as your auth_provider section, it can use
legacy way and new way of specfiying properties (older way trumps the new one).
Basically we use username and password properties...
CLI args > credentials [plain_text_auth] > [authentciation section]in cqlshrc
> [PlainTextAuthProvider]section in credentials > [auth_provider]section in
cqlshrc (if auth provider is PlainTextAuthProvider).
I have tested manually using source command, login command, and have connected
under a variety of scenarios for PlainTextAuthProvider (new, old, etc), as well
as SigV4. I've also added a number of unit tests and done a bit of refactoring
to make the code a little smoother.
> Add Plugin Support for CQLSH
> ----------------------------
>
> Key: CASSANDRA-16456
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16456
> Project: Cassandra
> Issue Type: New Feature
> Components: Tool/cqlsh
> Reporter: Brian Houser
> Assignee: Brian Houser
> Priority: Normal
> Labels: gsoc2021, mentor
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> Currently the Cassandra drivers offer a plugin authenticator architecture for
> the support of different authentication methods. This has been leveraged to
> provide support for LDAP, Kerberos, and Sigv4 authentication. Unfortunately,
> cqlsh, the included CLI tool, does not offer such support. Switching to a new
> enhanced authentication scheme thus means being cut off from using cqlsh in
> normal operation.
> We should have a means of using the same plugins and authentication providers
> as the Python Cassandra driver.
> Here's a link to an initial draft of
> [CEP|https://docs.google.com/document/d/1_G-OZCAEmDyuQuAN2wQUYUtZBEJpMkHWnkYELLhqvKc/edit?usp=sharing].
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
