cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Varun Barala (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CASSANDRA-9333) Edge case - Empty of blank password for JMX authentication not handled properly in nodetool commands
Date Sat, 22 Jul 2017 04:14:00 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-9333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Varun Barala updated CASSANDRA-9333:
------------------------------------
    Attachment: 2.1.2.png

> Edge case - Empty of blank password for JMX authentication not handled properly in nodetool
commands
> ----------------------------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-9333
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9333
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Tools
>         Environment: Apache Cassandra 2.1.2
>            Reporter: Sumod Pawgi
>            Priority: Minor
>              Labels: security
>             Fix For: 2.1.x
>
>         Attachments: 2.1.2.png
>
>
> While setting up JMX authentication for Apache Cassandra, if we set the password blank
(in the file - jmxremote.password), nodetool commands do not work
> example creds are cassandra cassandra. In this case, for a secured cluster, we run the
nodetool command as - nodetool -u cassandra -pw cassandra status
> But if the password is kept as blank then we cannot execute nodetool command. 
> However, I believe that if a third party software used JMX authentication via API, then
they can use blank password for the operations. So this behavior needs to be clarified and
be consistent for this edge case scenario.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message