incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Reddy <mark.re...@boxever.com>
Subject Re: Securing Cassandra database
Date Sat, 05 Apr 2014 06:38:18 GMT
Ok so you want to enable auth on Cassandra itself. You will want to look
into the authentication and authorisation functionality then.

Here is a quick overview:
http://www.datastax.com/dev/blog/a-quick-tour-of-internal-authentication-and-authorization-security-in-datastax-enterprise-and-apache-cassandra

This section of the docs should give you the technical details needed to
move forward on this:
http://www.datastax.com/documentation/cassandra/1.2/cassandra/security/securityTOC.html


Mark


On Sat, Apr 5, 2014 at 7:31 AM, Check Peck <comptechgeeky@gmail.com> wrote:

> Just to add, nobody should be able to read and write into our Cassandra
> database through any API *or any CQL client as well *only our team should
> be able to do that.
>
>
> On Fri, Apr 4, 2014 at 11:29 PM, Check Peck <comptechgeeky@gmail.com>wrote:
>
>> Thanks Mark. But what about Cassandra database? I don't want anybody to
>> read and write into our Cassandra database through any API only just our
>> team should be able to do that.
>>
>> We are using CQL based tables so data doesn't get shown on the OPSCENTER.
>>
>> In our case, we would like to secure database itself. Is this possible to
>> do as well anyhow?
>>
>>
>>
>>
>>
>> On Fri, Apr 4, 2014 at 11:24 PM, Mark Reddy <mark.reddy@boxever.com>wrote:
>>
>>> Hi,
>>>
>>> If you want to just secure OpsCenter itself take a look here:
>>> http://www.datastax.com/documentation/opscenter/4.1/opsc/configure/opscAssigningAccessRoles_t.html
>>>
>>>
>>> If you want to enable internal authentication and still allow OpsCenter
>>> access, you can create an OpsCenter user and once you have auth turned
>>> within the cluster update the cluster config with the user name and
>>> password for the OpsCenter user.
>>>
>>> Depending on your installation type you will find the cluster config in
>>> one of the following locations:
>>> Packaged installs: /etc/opscenter/clusters/<cluster_specific>.conf
>>> Binary installs: <install_location>/conf/clusters/<cluster_specific>.conf
>>> Windows installs: Program Files (x86)\DataStax
>>> Community\opscenter\conf\clusters\<cluster_specific>.conf
>>>
>>> Open the file and update the username and password values under the
>>> [cassandra] section:
>>>
>>> [cassandra]
>>> username =
>>> seed_hosts =
>>> api_port =
>>> password =
>>>
>>> After changing properties in this file, restart OpsCenter for the
>>> changes to take effect.
>>>
>>>
>>> Mark
>>>
>>>
>>> On Sat, Apr 5, 2014 at 6:54 AM, Check Peck <comptechgeeky@gmail.com>wrote:
>>>
>>>> Hi All,
>>>>
>>>> We would like to secure our Cassandra database. We don't want anybody
>>>> to read/write on our Cassandra database leaving our team members only.
>>>>
>>>>
>>>>
>>>> We are using Cassandra 1.2.9 in Production and we have 36 node
>>>> Cassandra cluster. 12 in each colo as we have three datacenters.
>>>>
>>>>
>>>> But we would like to have OPSCENTER working as it is working currently.
>>>>
>>>>
>>>>
>>>> Is this possible to do anyhow? Is there any settings in yaml file which
>>>> we can enforce?
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>

Mime
View raw message