mirrors/scylladb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
45ffa5221e9c800b1885d366fb18fa4df2eaf9ca
scylladb/auth
History
Mikołaj Grzebieluch 999be1d14b auth/service: don't create system_auth keyspace when used by maintenance socket 
The maintenance socket is created before joining the cluster. When maintenance auth service
is started it creates system_auth keyspace if it's missing. It is not synchronized
with other nodes, because this node hasn't joined the group0 yet. Thus a node has
a mismatched schema and is unable to join the cluster.

The maintenance socket doesn't use role management, thus the problem is solved
by not creating system_auth keyspace when maintenance auth service is created.

The logic of regular CQL port's auth service won't be changed. For the maintenance
socket will be created a new separate auth service.
2023-12-18 17:58:13 +01:00
..
allow_all_authenticator.cc
treewide: use Software Package Data Exchange (SPDX) license identifiers
2022-01-18 12:15:18 +01:00
allow_all_authenticator.hh
treewide: use Software Package Data Exchange (SPDX) license identifiers
2022-01-18 12:15:18 +01:00
allow_all_authorizer.cc
treewide: use Software Package Data Exchange (SPDX) license identifiers
2022-01-18 12:15:18 +01:00
allow_all_authorizer.hh
treewide: use Software Package Data Exchange (SPDX) license identifiers
2022-01-18 12:15:18 +01:00
authenticated_user.cc
auth: do not include unused header
2023-04-24 12:24:29 +03:00
authenticated_user.hh
treewide: use defaulted operator!=() and operator==()
2023-04-27 10:24:46 +03:00
authentication_options.hh
auth: remove unused operator<<(.., authentication_option)
2023-04-07 18:15:35 +08:00
authenticator.cc
auth: Allow for early (certificate/transport) authentication
2023-06-26 15:00:20 +00:00
authenticator.hh
auth: Allow for early (certificate/transport) authentication
2023-06-26 15:00:20 +00:00
authorizer.hh
treewide: use defaulted operator!=() and operator==()
2023-04-27 10:24:46 +03:00
certificate_authenticator.cc
auth: Add TLS certificate authenticator
2023-06-26 15:00:21 +00:00
certificate_authenticator.hh
auth: Add TLS certificate authenticator
2023-06-26 15:00:21 +00:00
CMakeLists.txt
auth: add maintenance_socket_role_manager
2023-12-18 11:42:40 +01:00
common.cc
migration_manager: announce: provide descriptions for all calls
2023-08-07 14:38:11 +02:00
common.hh
treewide: reduce include of cql_statement.hh
2023-09-08 13:23:50 +03:00
default_authorizer.cc
migration_manager: add wait_for_schema_agreement() function
2023-05-25 14:44:53 +03:00
default_authorizer.hh
treewide: remove empty comments in top-of-files
2022-05-13 07:11:58 +02:00
maintenance_socket_role_manager.cc
auth: add maintenance_socket_role_manager
2023-12-18 11:42:40 +01:00
maintenance_socket_role_manager.hh
auth: add maintenance_socket_role_manager
2023-12-18 11:42:40 +01:00
password_authenticator.cc
auth: fix error message when consistency level is not met
2023-11-13 14:04:23 +01:00
password_authenticator.hh
auth: Allow specifying initial superuser name + passwd (salted) in config
2023-06-26 15:00:20 +00:00
passwords.cc
Typos: fix typos in comments
2023-12-02 22:37:22 +02:00
passwords.hh
Typos: fix typos in comments
2023-12-02 22:37:22 +02:00
permission.cc
auth: add functions_resource to resources
2023-03-09 17:50:19 +01:00
permission.hh
auth: add functions_resource to resources
2023-03-09 17:50:19 +01:00
permissions_cache.cc
api: Add API for resetting authorization cache
2022-06-28 19:58:06 -03:00
permissions_cache.hh
api: Add API for resetting authorization cache
2022-06-28 19:58:06 -03:00
resource.cc
auth: disallow CREATE permission on a specific function
2023-05-14 18:40:34 +03:00
resource.hh
treewide: use defaulted operator!=() and operator==()
2023-04-27 10:24:46 +03:00
role_manager.hh
treewide: use Software Package Data Exchange (SPDX) license identifiers
2022-01-18 12:15:18 +01:00
role_or_anonymous.cc
treewide: use defaulted operator!=() and operator==()
2023-04-27 10:24:46 +03:00
role_or_anonymous.hh
treewide: use defaulted operator!=() and operator==()
2023-04-27 10:24:46 +03:00
roles-metadata.cc
auth: Allow specifying initial superuser name + passwd (salted) in config
2023-06-26 15:00:20 +00:00
roles-metadata.hh
auth: Allow specifying initial superuser name + passwd (salted) in config
2023-06-26 15:00:20 +00:00
sasl_challenge.cc
treewide: remove empty comments in top-of-files
2022-05-13 07:11:58 +02:00
sasl_challenge.hh
treewide: remove empty comments in top-of-files
2022-05-13 07:11:58 +02:00
service.cc
auth/service: don't create system_auth keyspace when used by maintenance socket
2023-12-18 17:58:13 +01:00
service.hh
auth/service: don't create system_auth keyspace when used by maintenance socket
2023-12-18 17:58:13 +01:00
standard_role_manager.cc
auth: Allow specifying initial superuser name + passwd (salted) in config
2023-06-26 15:00:20 +00:00
standard_role_manager.hh
auth: Allow specifying initial superuser name + passwd (salted) in config
2023-06-26 15:00:20 +00:00
transitional.cc
treewide: remove empty comments in top-of-files
2022-05-13 07:11:58 +02:00