cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yuki Morishita <>
Subject Re: Limit what nodes are writeable
Date Mon, 11 Jul 2011 15:21:51 GMT
I never used the feature, but there is the way to control access based
on user name.
Configuring both conf/ and conf/, then
modify cassandra.yaml as follows.

# authentication backend, implementing IAuthenticator; used to identify users
authenticator: org.apache.cassandra.auth.SimpleAuthenticator

# authorization backend, implementing IAuthority; used to limit
access/provide permissions
authority: org.apache.cassandra.auth.SimpleAuthority

2011/7/11 Maki Watanabe <>:
> Cassandra has authentication interface, but doesn't have authorization.
> So you need to implement authorization in your application layer.
> maki
> 2011/7/11 David McNelis <>:
>> I've been looking in the documentation and haven't found anything about
>> this...  but is there support for making a node  read-only?
>> For example, you have a cluster set up in two different data centers / racks
>> / whatever, with your replication strategy set up so that the data is
>> redundant between the two places.  In one of the places all of the incoming
>> data will be  processed and inserted into your cluster.  In the other data
>> center you plan to allow people to run analytics, but you want to restrict
>> the permissions so that the people running analytics can connect to
>> Cassandra in whatever way makes the most sense for them, but you don't want
>> those people to be able to edit/update data.
>> Is it currently possible to configure your cluster in this manner?  Or would
>> it only be possible through a third-party solution like wrapping one of the
>> access libraries in a way that does not support write operations.
>> --
>> David McNelis
>> Lead Software Engineer
>> Agentis Energy
>> o: 630.359.6395
>> c: 219.384.5143
>> A Smart Grid technology company focused on helping consumers of energy
>> control an often under-managed resource.
> --
> w3m

Yuki Morishita
 t:yukim (

View raw message