Java

Apache Cassandra Authentication and Authorization

Cassandra authentication and authorization

By default, authentication is not enabled in Cassandra and anybody can access Cassandra.

Cassandra has a simple authentication & authorization mechanism by extending the following Java interfaces.

org.apache.cassandra.auth.IAuthenticator.java
org.apache.cassandra.auth.IAuthority.java

In the source distribution (not in binary distribution) IAuthenticator and IAuthority interfaces are implemented in the SimpleAuthenticator project and it can be easily configurable with Cassandra.

If you want to have your own authentication and authorization implementation you're freely allowed to do that by extending the following interfaces.

org.apache.cassandra.auth.IAuthenticator.java
org.apache.cassandra.auth.IAuthority.java

The following steps are used to enable authentication in Cassandra.

  1. Configure cassandra.yaml
  2. Configure access.properties
  3. Configure password.properties and
  4. Cassandra.bat file in bin directory.

Step 1: Configure Cassandra.yaml

Authentication

Find org.apache.cassandra.auth.AllowAllAuthenticator and it should be replaced with org.apache.cassandra.auth.SimpleAuthenticator

Authorization

Find org.apache.cassandra.auth.AllowAllAuthorizer and it should be replaced with org.apache.cassandra.auth.SimpleAuthorizer

Step 2: Configure access.properties

Configure the required user names, keyspace names and column family names with their permission level.

You can configure the authorization up to column family level in Cassandra.

Configure keyspace permissions:

<keyspacename>.<permission>=<username>
murali.<rw>=admin,Cassandra # <rw> means read and write.
Murali.<ro>=user1 #<ro> mean read only permission.

By default all the users will have read permission for all the keyspaces.

Configure column family permissions:

<keyspacename>.<columnfamilyname>.<permission>=<username>
murali.users.<rw>=admin

Step 3: Configure password.properties

Add the required user and password to this file.

<username>=<password>
cassandra = cassandra

Step 4: Modifying JAVA_OPTS in Cassandra.bat file.

Add the following lines to the JAVA_OPTS.

-Dpasswd.properties=conf/passwd.properties
-Daccess.properties=conf/access.properties
 

Up Next
    Ebook Download
    View all
    Learn
    View all
    Get Started

    You need to be a premium member to use this feature. To access it, you'll have to upgrade your membership.

    Become a sharper developer and jumpstart your career.

    Basic

    $0

    $

    . 00

    monthly

    For Basic members:

    • Standard Profile
    • Access learning courses
    • Access free e-books
    • 1x point
    Premium

    $20

    $

    . 00

    monthly

    For Premium members:

    • Earn 2x reward points
    • Premium profile with Verified check
    • Premium Avatar with status update
    • Learning courses
    • Unlimited Certifications and badges on profile
    • Unlimited Book downloads
    • Access to Premium content
    • Online Training
    • Unlimited PDF conversions and downloads
    • Professional Resume Writing
    • Interview Preparations Guide
    • 25 messages per month
    • 1 "Kodzu" avatar, basic
    Elite

    $45

    $

    . 00

    monthly

    For Elite members:

    • Bundle E-books
    • Access to all Learn Series
    • Unlimited Apply Jobs