Authorization and authentication

By default, Cassandra is open to everyone who has access to Cassandra's node address and ports. Since most of the time it's just your applications that access Cassandra and generally the whole application ecosystem is heavily guarded (by VPN, VPC, and firewall), it may not bother you that Cassandra has no security.

Cassandra 1.2.2 and higher provide an RDBMS-like security authorization and authentication mechanism that is a notable departure from the text file-based security before this version. To enable security, all you need to do is change two things in the cassandra.yaml file: authenticator and authorizer. By default, they are set to AllowAllAuthenticator and AllowAllAuthorizer, respectively. They work exactly ...

Get Mastering Apache Cassandra - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.