cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Tunnicliffe (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-12525) When adding new nodes to a cluster which has authentication enabled, we end up losing cassandra user's current crendentials and they get reverted back to default cassandra/cassandra crendetials
Date Wed, 31 Aug 2016 08:17:20 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-12525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15451550#comment-15451550
] 

Sam Tunnicliffe commented on CASSANDRA-12525:
---------------------------------------------

[~asood]: sorry I'm a bit late asking this, but do you have the logs collected during this
period (in particular, the logs from the 5 new nodes would be useful here).

> When adding new nodes to a cluster which has authentication enabled, we end up losing
cassandra user's current crendentials and they get reverted back to default cassandra/cassandra
crendetials
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-12525
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12525
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Configuration
>            Reporter: Atin Sood
>            Priority: Minor
>
> Made the following observation:
> When adding new nodes to an existing C* cluster with authentication enabled we end up
loosing password information about `cassandra` user. 
> Initial Setup
> - Create a 5 node cluster with system_auth having RF=5 and NetworkTopologyStrategy
> - Enable PasswordAuthenticator on this cluster and update the password for 'cassandra'
user to say 'password' via the alter query
> - Make sure you run nodetool repair on all the nodes
> Test case
> - Now go ahead and add 5 more nodes to this cluster.
> - Run nodetool repair on all the 10 nodes now
> - Decommission the original 5 nodes such that only the new 5 nodes are in the cluster
now
> - Run cqlsh and try to connect to this cluster using old user name and password, cassandra/password
> I was unable to connect to the nodes with the original credentials and was only able
to connect using the default cassandra/cassandra credentials
> From the conversation over IIRC
> `beobal: sood: that definitely shouldn't happen. The new nodes should only create the
default superuser role if there are 0 roles currently defined (including that default one)`



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message