cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jan Karlsson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-10551) Investigate JMX auth using JMXMP & SASL
Date Thu, 05 Nov 2015 12:42:27 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-10551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14991610#comment-14991610
] 

Jan Karlsson commented on CASSANDRA-10551:
------------------------------------------

Changing to JMXMP seems to work from an implementation standpoint. However this will mean
that current tools which are hardcoded to connect through RMI will have to be changed to function
with JMXMP. I'm refering mostly to nodetool. i.e. eariler versions of nodetool will not be
able to connect to the server.

What is more concerning is that some 3rd party tools like jconsole seem to lack the functionality
to connect with Sasl profiles through jmxmp. I tried connecting with a [plain profile/mechanism|https://tools.ietf.org/html/rfc4616],
but have not found a way to set a profile for jconsole.

> Investigate JMX auth using JMXMP & SASL
> ---------------------------------------
>
>                 Key: CASSANDRA-10551
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10551
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Sam Tunnicliffe
>            Assignee: Jan Karlsson
>             Fix For: 3.x
>
>
> (broken out from CASSANDRA-10091)
> We should look into whether using [JMXMP|https://meteatamel.wordpress.com/2012/02/13/jmx-rmi-vs-jmxmp/]
would enable JMX authentication using SASL. If so, could we then define a custom SaslServer
which wraps a SaslNegotiator instance provided by the configured IAuthenticator. 
> An intial look at the [JMXMP|http://docs.oracle.com/cd/E19698-01/816-7609/6mdjrf873/]
docs, particularly section *11.4.2 SASL Provider*, suggests this might be feasible.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message