By default, Cassandra is open to everyone who has access to Cassandra's node address and ports. Since most of the time it's just your applications that access Cassandra and generally the whole application ecosystem is heavily guarded (by VPN, VPC, and firewall), it may not bother you that Cassandra has no security.
Cassandra 1.2.2 and higher provide an RDBMS-like security authorization and authentication mechanism that is a notable departure from the text file-based security before this version. To enable security, all you need to do is change two things in the cassandra.yaml
file: authenticator and authorizer. By default, they are set to AllowAllAuthenticator
and AllowAllAuthorizer
, respectively. They work exactly in ways their names suggest. Cassandra ships with PasswordAuthenticator
as authenticator and CassandraAuthorizer
as authorizer. This will enable a MySQL-like authorization and authentication system in Cassandra. For more details on working with...