Always require a `ClientInfo` with an `AuthenticatedUser` (no user present should fail authz) #1673
Comments
Looks like there are just 2 overloads of With the StargateV2 plan we could probably:
and consider supporting any use cases otherwise unsupported by figuring out how to create a variant
Copying my comments from #1671 for visibility: There are legitimate cases where we don't have a user token: background "admin" queries that are not directly in response to an external user action. If we close the
Could we create a dummy token for that use case that has to be explicitly set, versus not having a token being a superuser?

```java
// An explicitly constructed super-user principal, rather than treating
// "no user present" as super-user.
public static AuthenticatedUser SUPERUSER = /* Some generator */;

// ...

void doSomething() {
    // ...
    // Background/admin work has to opt in to SUPERUSER deliberately.
    connection.clientInfo().ifPresent(c -> c.setAuthenticatedUser(SUPERUSER));
}
```
Perhaps we could require the Authentication Provider to implement an accessor for providing such a super-user.

Sounds like this could/should be a v2 feature since that's where it would be needed. I agree that, if feasible, something like this -- and in general, not implicitly assuming "no user means super user"! -- would be a better solution than what we have currently.
Wait, but you are not considering the HTTP API usage paths, which do authn/authz before doing any queries to the data store and then use the
@ivansenic In Stargate v2 these calls/checks are no longer made by front-end APIs like REST but by the backend (persistence / bridge). The front-end will pass
We should remove (or severely deprecate) overloads of `Persistence.newConnection()` that don't require a `ClientInfo` with a valid authenticated user. Maybe this isn't possible while supporting the C* backends in persistence? Also, when there's an authentication service configured, an `AuthenticatedUser` (token) should not be optional, i.e. in `StargateQueryHandler`:
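The fail-closed design the issue argues for, as an added example that is not Stargate's code: `AuthenticatedUser`, `ClientInfo`, `Connection`, `newConnection` and `SUPERUSER` below are hypothetical stand-ins, not the project's real classes or API. It places the legacy pattern (an absent token is treated as super-user) beside the hardened one, where a connection cannot be built without a `ClientInfo` carrying a user, and background admin work must name the super-user explicitly.

```java
import java.util.Objects;
import java.util.Optional;
import java.util.Set;

// Added example with hypothetical types; none of these are Stargate's own classes.
public class FailClosedAuthz {

    /** Hypothetical authenticated principal carried with a request. */
    record AuthenticatedUser(String name, Set<String> roles) {
        boolean isSuperuser() { return roles.contains("superuser"); }
    }

    /** Hypothetical client context: the user is mandatory, not Optional. */
    record ClientInfo(String remoteAddress, AuthenticatedUser user) {
        ClientInfo {
            // Reject construction without a user, so "no user" can never reach authz.
            Objects.requireNonNull(user, "ClientInfo requires an AuthenticatedUser");
        }
    }

    /** Explicit, deliberately constructed super-user for background "admin" work. */
    static final AuthenticatedUser SUPERUSER =
            new AuthenticatedUser("internal-admin", Set.of("superuser"));

    /** Legacy fail-open pattern under discussion: an absent token implies super-user. */
    static boolean legacyAllowsAdminQuery(Optional<AuthenticatedUser> user) {
        // Missing token => no restriction applied. This is what the issue wants removed.
        return user.map(AuthenticatedUser::isSuperuser).orElse(true);
    }

    /** Hardened connection: there is no overload without a ClientInfo, so nothing to bypass. */
    record Connection(ClientInfo clientInfo) {
        boolean allowsAdminQuery() {
            return clientInfo.user().isSuperuser();
        }
    }

    static Connection newConnection(ClientInfo clientInfo) {
        return new Connection(Objects.requireNonNull(clientInfo, "ClientInfo is required"));
    }

    /** Background task: opts in to SUPERUSER explicitly instead of omitting the user. */
    static Connection newBackgroundAdminConnection() {
        return newConnection(new ClientInfo("127.0.0.1", SUPERUSER));
    }

    public static void main(String[] args) {
        // Legacy: no user, yet the admin query is allowed.
        System.out.println("legacy, no user -> " + legacyAllowsAdminQuery(Optional.empty()));

        // Hardened: a request without a user cannot even build a ClientInfo.
        try {
            new ClientInfo("198.51.100.7", null);
        } catch (NullPointerException e) {
            System.out.println("hardened, no user -> rejected: " + e.getMessage());
        }

        // Hardened: an ordinary authenticated user is denied admin queries.
        AuthenticatedUser alice = new AuthenticatedUser("alice", Set.of("reader"));
        Connection userConn = newConnection(new ClientInfo("198.51.100.7", alice));
        System.out.println("hardened, alice -> " + userConn.allowsAdminQuery());

        // Hardened: background admin work names SUPERUSER explicitly and is allowed.
        Connection adminConn = newBackgroundAdminConnection();
        System.out.println("hardened, explicit SUPERUSER -> " + adminConn.allowsAdminQuery());
    }
}
```

The design point is that the only way to obtain super-user privileges is to pass the `SUPERUSER` principal on purpose; the absence of a token is a construction error, not a privilege level, which is the "no user present should fail authz" behaviour the issue title asks for.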