I think figured it out wrong initially. I thought AUTH_CHALLENGE was the message the server sends right after STARTUP. If I understand correctly a server configured with the PasswordAuthenticator is going to expect this flow:
C -> [STARTUP] S -> [AUTHENTICATE] "PasswordAuthenticator" C -> [AUTH_RESPONSE] "<nul>username<nul>password" Given correct credentials, is C* going to send both of these message one after the other? S -> [AUTH_SUCCESS] S -> [READY] The documentation about READY seem to contain artifacts from v1 (the CREDENTIALS message): > Indicates that the server is ready to process queries. This message will be > sent by the server either after a STARTUP message if no authentication is > required, or after a successful CREDENTIALS message. Thank again, Le Oct 28, 2013 à 2:48 PM, Sylvain Lebresne <sylv...@datastax.com> a écrit : > What information are you looking for? As the comment says, the details are > authenticaticator specific. So you were right to look into > PasswordAuthenticator in particular, and to be more precise you'll want to > look at PasswordAuthenticator.PlainTextSaslAuthenticator.evaluateResponse() > for that that specific authenticator expect (basically the username and > password as UTF8). > > -- > Sylvain > > > On Mon, Oct 28, 2013 at 7:15 PM, Mathieu D'Amours <math...@damours.org>wrote: > >> Hello, >> >> I stumbled upon this description in the binary protocol specs [4.2.7. >> AUTH_CHALLENGE]: >> >>> The body of this message is a single [bytes] token. The details of what >> this >>> token contains (and when it can be null/empty, if ever) depends on the >> actual >>> authenticator used. >> >> >> I looked in C* builtin authenticator classes, `AllAllowAuthenticator` and >> `PasswordAuthenticator`, but couldn't find this sort of >> information. Could someone point me in the right direction? >> >> Thanks in advance, >> >> Mathieu
