By default, Cassandra is open to everyone who has access to Cassandra's node address and port. Since most of the time it's just your applications that access Cassandra and generally the whole application ecosystem is heavily guarded (by VPN, VPC, and firewall), it may not bother you that Cassandra has no security.
To configure some sort of authentication and authorization mechanism, one may use the simple authenticator that is provided by Cassandra. SimpleAuthenticator is not great; it has a pretty vanilla security mechanism. To enable SimpleAuthenticator, you need to replace the allow-all configuration in cassandra.yaml:
authenticator: org.apache.cassandra.auth.SimpleAuthenticator
authority: org.apache.cassandra.auth.SimpleAuthority
Apart from this, SimpleAuthenticator is file-based, so you need to provide two files: one for usernames and passwords, namely passwd.properties, and another for user permissions on keyspaces or column families, called access.properties...
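A check for the two cassandra.yaml settings described above, as an added example that is not from the original text or from the Cassandra project. The function names and sample inputs are hypothetical, the AllowAll class names are assumed from Cassandra's org.apache.cassandra.auth package, and an unset key is assumed to mean the open default.

```python
import re

# Class names for the open defaults; assumed from Apache Cassandra's
# org.apache.cassandra.auth package, not quoted from the page.
ALLOW_ALL = {"authenticator": "org.apache.cassandra.auth.AllowAllAuthenticator",
             "authority": "org.apache.cassandra.auth.AllowAllAuthority"}

def read_top_level(yaml_text):
    """Collect top-level 'key: value' scalars, skipping comments and nesting."""
    settings = {}
    for line in yaml_text.splitlines():
        line = line.split("#", 1)[0].rstrip()
        m = re.match(r"^([A-Za-z_]+):\s*(\S.*)?$", line)
        if m:
            settings[m.group(1)] = (m.group(2) or "").strip()
    return settings

def audit_auth(yaml_text):
    """Return a list of (key, problem) findings for the two auth settings."""
    settings = read_top_level(yaml_text)
    findings = []
    for key, open_class in ALLOW_ALL.items():
        value = settings.get(key)
        if not value:
            # Assumption: an unset key leaves the open default in place.
            findings.append((key, "not set; treated as allow-all"))
        elif " " in value:
            # Two settings run together on one line, e.g. a bad copy-paste.
            findings.append((key, "malformed value: " + value))
        elif value == open_class:
            findings.append((key, "allow-all class in use"))
    return findings

# Constructed sample inputs, not taken from a real cluster.
DEFAULT_YAML = """\
cluster_name: 'Test Cluster'
authenticator: org.apache.cassandra.auth.AllowAllAuthenticator
authority: org.apache.cassandra.auth.AllowAllAuthority
"""
HALF_DONE_YAML = """\
authenticator: org.apache.cassandra.auth.SimpleAuthenticator  # switched on
authority: org.apache.cassandra.auth.AllowAllAuthority
"""
RUN_TOGETHER_YAML = ("authenticator: org.apache.cassandra.auth.SimpleAuthenticator "
                     "authority: org.apache.cassandra.auth.SimpleAuthority\n")

if __name__ == "__main__":
    for name, text in [("default", DEFAULT_YAML), ("half done", HALF_DONE_YAML),
                       ("run together", RUN_TOGETHER_YAML)]:
        print(name, audit_auth(text))
```

The half-done case is the one to watch for: users must log in, but with the authority still allow-all, every authenticated user keeps full permissions.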