incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Dijkshoorn <peter.dijksho...@adyen.com>
Subject Re: Cassandra Authentication
Date Fri, 29 Jun 2012 10:44:45 GMT
You can build a jar from the SimpleAuthenticator and SimpleAuthority
classes found in the examples.
Then put the jar on the classpath of the cassandra, nicest way is to
modify the startup script:
put an s with options on line 148 in bin/cassandra:

args=`getopt vfhp:bD: "$@"`

becomes (note the added s)

args=`getopt vfhsp:bD: "$@"`

and add the -s case in the switch statement (line 173 for example) below
with these lines (do enter the right location to the jar, possibly put
it in the cassandra lib and find out the proper var):

        -s)
           
CLASSPATH="$CLASSPATH:/home/peterd/workspaces/uno/CassandraAuthenticator/CassandraSecure.jar"
            properties="$properties
-Dpasswd.properties=$CASSANDRA_CONF/passwd.properties
-Daccess.properties=$CASSANDRA_CONF/access.properties"
            shift
        ;;


Then create the access.properties file and passwd.properties file in
your cassandra config directory
passwd.properties ahs the format
jsmith=pass

and access.properties has format:
<modify-keyspaces>=jsmith
Keyspace1.<ro>=jsmith,Elvis Presley
Keyspace1.Standard1.<rw>=jsmith,Elvis Presley,dilbert

which are all self-explanatory I guess.



Good luck!

Peter Dijkshoorn
Adyen - Payments Made Easy
www.adyen.com

Visiting address:    	        Mail Address:             
Simon Carmiggeltstraat 6-50    	P.O. Box 10095
1011 DJ Amsterdam               1001 EB Amsterdam
The Netherlands                 The Netherlands

Office +31.20.240.1240
Email peter.dijkshoorn@adyen.com


On 06/29/2012 06:58 AM, Mohit Anchlia wrote:
>
> Sent from my iPad
>
> On Jun 28, 2012, at 8:45 AM, Christof Bornhoevd <cbornhoevd@gmail.com> wrote:
>
>> Hi,
>>  
>> we are using Cassandra v1.0.8 with Hector v1.0-5 and would like to move our current
system to an operational setting based on Amazon AWS. What are best practices for addessing
security for Cassandra on AWS. Besides Security Groups in AWS how is Cassandra Client to Cluster
authentication handled best? There used to be a SimpleAuthenticator that has been moved to
Examples.
>>  
>> Any recommendations/experiences that you could share? Any hints and guidance is higly
appreciated.
>>  
> Cassandra doesn't provide any security features so far. We wrote our own pluggable authoz
and authn that plugs into ldap. You might want to right something of your own that plugs in
was auto
>> Cheers and thanks a lot for any kind help!
>> Christof

Mime
View raw message