cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Tunnicliffe <>
Subject Re: Does securing C*'s CQL native interface (running on port 9042) automatically secure its Thrift API interface (running on port 9160)?
Date Tue, 01 Nov 2016 09:22:20 GMT
It does, yes. Clients will be required to call the thrift login method with
a valid set of credentials before performing any other RPC calls.
btw, in versions of C* >= 2.2 the Thrift server is not enabled by default

On Mon, Oct 31, 2016 at 4:50 PM, Li, Guangxing <>

> Hi,
> I secured my C* cluster by having "authenticator:
> org.apache.cassandra.auth.PasswordAuthenticator" in cassandra.yaml. I
> know it secures the CQL native interface running on port 9042 because my
> code uses such interface. Does this also secure the Thrift API interface
> running on port 9160? I searched around the web for answers but could not
> find any. I supposed I can write a sample application using Thrift API
> interface to confirm it, but wondering if I can get a quick answer from you
> experts.
> Thanks.
> George.

View raw message