cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Konotop <alexander.kono...@gmail.com>
Subject Re: Authentication setup
Date Sat, 22 Oct 2011 19:16:19 GMT
В Sat, 22 Oct 2011 22:27:16 +0530
Ertio Lew <ertiop93@gmail.com> пишет:

> Hey,
> 
> I'm too looking out for a similar thing. I guess this is a very common
> requirement & may be soon provided as built-in functionality packed
> with cassandra setup.
> 
> Btw nice to see if someone has ideas about how to implement this for
> now.
> 
> 
> 
> 
> On Fri, Oct 21, 2011 at 6:53 PM, Alexander Konotop <
> alexander.konotop@gmail.com> wrote:
> 
> > Hello :-)
> > Does anyone have a working config with normal secure authentication?
> > I've just installed Cassandra 1.0.0 and see that SimpleAuthenticate
> > is meant to be non-secure and was moved to examples. I need a
> > production config - so I've tried to write this to config:
> > ------------
> > authenticator: org.apache.cassandra.auth.AuthenticatedUser
> > authority: org.apache.cassandra.auth.AuthenticatedUser
> > ------------
> > But during cassandra startup log says:
> > ------------
> > org.apache.cassandra.config.ConfigurationException: No default
> > constructor for authenticator class
> > 'org.apache.cassandra.auth.AuthenticatedUser'.
> > ------------
> >
> > As I understand either AuthenticatedUser is a wrong class or I
> > simply don't know how to set it up - does it need additional
> > configs similar to access.properties or passwd.properties? Maybe
> > there's a way to store users in cassandra DB itself, like, fore
> > example, MySQL does?
> >
> > I've searched and tried lot of things the whole day but the only
> > info that I found were two phrases - first told that SimpleAuth is
> > just a toy and second told to look into source to look for more
> > auth methods. But, for example, this:
> > ------------
> > package org.apache.cassandra.auth;
> >
> > import java.util.Collections;
> > import java.util.Set;
> >
> > /**
> >  * An authenticated user and her groups.
> >  */
> > public class AuthenticatedUser
> > {
> >    public final String username;
> >    public final Set<String> groups;
> >
> >    public AuthenticatedUser(String username)
> >    {
> >        this.username = username;
> >        this.groups = Collections.emptySet();
> >    }
> >
> >    public AuthenticatedUser(String username, Set<String> groups)
> >    {
> >        this.username = username;
> >        this.groups = Collections.unmodifiableSet(groups);
> >    }
> >
> >    @Override
> >    public String toString()
> >    {
> >        return String.format("#<User %s groups=%s>", username,
> > groups); }
> > }
> > ------------
> > tells me just about nothing :-(
> >
> > Best regards
> > Alexander
> >

As I understand, the most common production setup for now is disabled
authentication but accepting only localhost. Am I right? Or most common
is SimpleAuthenticate with md5?

Mime
View raw message