Calle Wilund
36bb40c205
auth::auth: Add authorizer initialization + permissions getter
...
Create and init authorizer object on start. Create thread local
permissions cache to front end the actual authorizer.
2016-04-19 11:49:05 +00:00
Calle Wilund
956ee87e12
auth::authenticator: Change "protected_resources" to return reference
...
It is an immutable static value anyway.
2016-04-19 11:49:05 +00:00
Calle Wilund
1f0bbf2d9a
auth::authorizer: Initial conversion
...
Main authorization endpoint. Default (and only) real authorizer
keeps a mapping resource -> permission sets in system table
2016-04-19 11:49:04 +00:00
Calle Wilund
ca7d339110
auth::authenticated_user: Add copy/move constructors
2016-04-18 13:51:15 +00:00
Calle Wilund
d3a9650646
auth::permission_set: Add < operator
2016-04-18 13:51:15 +00:00
Calle Wilund
c93d114949
auth::permission: Add stringizers + move sets into namespace
2016-04-18 13:51:15 +00:00
Calle Wilund
6e09920f93
auth::data_resource: Fix to_string to match origin
2016-04-18 13:51:15 +00:00
Calle Wilund
bb96e5bd66
auth::data_resource: Move declaration of "resource_ids"
2016-04-18 13:51:15 +00:00
Calle Wilund
1d7930c4bd
authenticated_user: implement "is_super"
...
Which also, unfortunately, must be a continuation. (Queries tables)
2016-04-11 09:10:41 +00:00
Calle Wilund
d9b176307f
auth::authenticator: option<->string
2016-04-11 09:10:41 +00:00
Pekka Enberg
38a54df863
Fix pre-ScyllaDB copyright statements
...
People keep tripping over the old copyrights and copy-pasting them to
new files. Search and replace "Cloudius Systems" with "ScyllaDB".
Message-Id: <1460013664-25966-1-git-send-email-penberg@scylladb.com>
2016-04-08 08:12:47 +03:00
Calle Wilund
2ba738b555
auth: make scheduled tasks explicitly cancellable
...
Adds a shutdown method. In this, explicitly cancels all waiting tasks
(all two!).
Message-Id: <1456753987-6914-2-git-send-email-calle@scylladb.com>
2016-02-29 16:06:25 +02:00
Calle Wilund
980681d28e
auth: Add a simplistic "schedule" for auth db setup
...
Only difference from previous sleep is that we will
explicitly delete the objects if the process terminates
before tasks are run. I.e. make ASas happier.
Message-Id: <1453295521-29580-1-git-send-email-calle@scylladb.com>
2016-01-20 19:31:14 +02:00
Calle Wilund
9a4d45e19d
auth::auth/authenticator: user storage and authentication
...
User db storage + login/pwd db using system tables.
Authenticator object is a global shard-shared singleton, assumed
to be completely immutable, thus safe.
Actual login authentication is done via locally created stateful object
(sasl challenge), that queries db.
Uses "crypt_r" for password hashing, vs. origin's use of bcrypt.
Main reason is that bcrypt does not exist as any consistent package
that can be consumed, so to guarantee full compatibility we'd have
to include the source. Not hard, but at least initially more work than
worth.
2016-01-13 15:35:35 +00:00
Calle Wilund
40efd231b1
auth::authenticated_user: Object representing a named or anon user
2016-01-13 08:49:01 +00:00
Calle Wilund
51af2bcafd
auth::permission: permissions for authorization
...
Not actually used yet. But some day...
2016-01-13 08:49:01 +00:00
Calle Wilund
6f708eae1c
auth::data_resource: resource identifier for auth permissions
2016-01-13 08:49:01 +00:00