| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| <meta charset="utf-8"> |
| <meta name="viewport" content="width=device-width,initial-scale=1.0"> |
| <title>Security | Apache Cassandra Documentation</title> |
| <link rel="stylesheet" href="../../../../../assets/css/site.css"> |
| <link rel="schema.dcterms" href="https://purl.org/dc/terms/"> |
| <meta name="dcterms.subject" content="Cassandra"> |
| <meta name="dcterms.identifier" content="5.0"> |
| <meta name="generator" content="Antora 2.3.4"> |
| <link rel="icon" href="../../../../../assets/img/favicon.ico" type="image/x-icon"> |
| <script> |
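// Injects the Plausible analytics client for the host that served this page.
// Wrapped in an IIFE so `script`/`domain` are not left as global lexical
// bindings that a later classic script on the page could collide with.
// NOTE(review): this inline block (and the element it injects) cannot run
// under a strict nonce/hash-based CSP; a static `<script defer data-domain=…
// src=…>` tag in <head> is the CSP-friendly form if a fixed domain is acceptable.
(function () {
  const analytics = document.createElement("script");
  analytics.src = "https://plausible.cassandra.apache.org/js/plausible.js";
  // Report under whatever hostname served the page (mirrors/proxies included).
  analytics.setAttribute("data-domain", window.location.hostname);
  // A dynamically inserted script already executes asynchronously and `defer`
  // is ignored for it; both flags are kept only to mirror the original markup.
  analytics.defer = true;
  analytics.async = true;
  // `document.head` is always present once this parser-inserted script runs.
  document.head.appendChild(analytics);
})();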
| </script> </head> |
| <body class="docs-wrapper article"> |
| <div class="container mx-auto relative"> |
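<!-- Third-party script pulled from a CDN at page load. Pin it with Subresource
     Integrity so a substituted or tampered CDN file is rejected by the browser:
     add integrity="sha384-<digest of the exact jquery-3.6.0.min.js you ship>"
     alongside crossorigin="anonymous" (required for SRI on a cross-origin fetch). -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js" crossorigin="anonymous"></script>
<!-- Open Graph <meta> elements belong in <head>; parsers tolerate them in <body>,
     but some consumers ignore metadata found here. Void elements take no "/". -->
<meta property="og:type" content="website">
<meta property="og:url" content="/">
<meta property="og:site_name" content="Apache Cassandra">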
| |
| |
| <div class="body px-medium py-medium container"> |
| <div class="cf relative"> |
| <main class="article default-main full-800" data-ceiling="topbar"> |
| <article class="doc"> |
| <h1 class="page">Security</h1> |
| <div id="preamble"> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>There are three main components to the security features provided by |
| Cassandra:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>TLS/SSL encryption for client and inter-node communication</p> |
| </li> |
| <li> |
| <p>Client authentication</p> |
| </li> |
| <li> |
| <p>Authorization</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>By default, these features are disabled as Cassandra is configured to |
| easily find and be found by other members of a cluster. In other words, |
| an out-of-the-box Cassandra installation presents a large attack surface |
| for a bad actor. Enabling authentication for clients using the binary |
| protocol is not sufficient to protect a cluster. Malicious users able to |
| access internode communication and JMX ports can still:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Craft internode messages to insert users into authentication schema</p> |
| </li> |
| <li> |
| <p>Craft internode messages to truncate or drop schema</p> |
| </li> |
| <li> |
| <p>Use tools such as <code>sstableloader</code> to overwrite <code>system_auth</code> tables</p> |
| </li> |
| <li> |
| <p>Attach to the cluster directly to capture write traffic</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>Correct configuration of all three security components should negate |
| these vectors. Therefore, understanding Cassandra’s security features |
| is crucial to configuring your cluster to meet your security needs.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="tlsssl-encryption"><a class="anchor" href="#tlsssl-encryption"></a>TLS/SSL Encryption</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Cassandra provides secure communication between a client machine and a |
| database cluster and between nodes within a cluster. Enabling encryption |
| ensures that data in flight is not compromised and is transferred |
| securely. The options for client-to-node and node-to-node encryption are |
| managed separately and may be configured independently.</p> |
| </div> |
| <div class="paragraph"> |
| <p>In both cases, the JVM defaults for supported protocols and cipher |
| suites are used when encryption is enabled. These can be overridden using |
| the settings in <code>cassandra.yaml</code>, but this is not recommended unless |
| there are policies in place which dictate certain settings, or there is a need to |
| disable vulnerable ciphers or protocols in cases where the JVM cannot be |
| updated.</p> |
| </div> |
| <div class="paragraph"> |
| <p>FIPS compliant settings can be configured at the JVM level and should |
| not involve changing encryption settings in cassandra.yaml. See |
| <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/FIPS.html">the |
| java document on FIPS</a> for more details.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Cassandra provides the flexibility of using Java-based key material or |
| of completely customizing the SSL context. You can choose any keystore |
| format supported by Java (JKS, PKCS12, etc.) as well as other standards |
| like PEM. You can even customize the SSL context creation to use Cloud |
| Native technologies like Kubernetes Secrets for storing the key |
| material, or to integrate with your in-house Key Management System.</p> |
| </div> |
| <div class="paragraph"> |
| <p>For information on generating the keystore and truststore files |
| required with the Java supported keystores used in SSL communications, |
| see the |
| <a href="http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore">java |
| documentation on creating keystores</a>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>To customize the SSL context creation you can implement the |
| <a href="https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/security/ISslContextFactory.java">ISslContextFactory</a> |
| interface or extend one of its public subclasses as appropriate. You |
| can then use the <code>ssl_context_factory</code> setting in the |
| <code>server_encryption_options</code> or <code>client_encryption_options</code> section |
| as appropriate. See the <a href="https://github.com/apache/cassandra/tree/trunk/examples/ssl-factory">ssl-factory examples</a> |
| for details. Refer to the class diagram below to understand the |
| class hierarchy.</p> |
| </div> |
| <div class="imageblock"> |
| <div class="content"> |
| <img src="../../_images/cassandra_ssl_context_factory_pem.png" alt="Class diagram of the SSL context factory hierarchy"> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="using-pem-based-key-material"><a class="anchor" href="#using-pem-based-key-material"></a>Using PEM based key material</h3> |
| <div class="paragraph"> |
| <p>You can use the in-built class <code>PEMBasedSSLContextFactory</code> as the |
| <code>ssl_context_factory</code> setting for the PEM based key material.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You can configure this factory either with inline PEM data or with |
| files containing the required PEM data, as shown below:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Configuration: PEM keys/certs defined in-line (mind the spaces in the |
| YAML!)</p> |
| </li> |
| </ul> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre> client/server_encryption_options: |
| ssl_context_factory: |
| class_name: org.apache.cassandra.security.PEMBasedSslContextFactory |
| parameters: |
| private_key: | |
| -----BEGIN ENCRYPTED PRIVATE KEY----- OR -----BEGIN PRIVATE KEY----- |
| <your base64 encoded private key> |
| -----END ENCRYPTED PRIVATE KEY----- OR -----END PRIVATE KEY----- |
| -----BEGIN CERTIFICATE----- |
| <your base64 encoded certificate chain> |
| -----END CERTIFICATE----- |
| |
| private_key_password: "<your password if the private key is encrypted with a password>" |
| |
| trusted_certificates: | |
| -----BEGIN CERTIFICATE----- |
| <your base64 encoded certificate> |
| -----END CERTIFICATE-----</pre> |
| </div> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Configuration: PEM keys/certs defined in files</p> |
| </li> |
| </ul> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre> client/server_encryption_options: |
| ssl_context_factory: |
| class_name: org.apache.cassandra.security.PEMBasedSslContextFactory |
| keystore: <file path to the keystore file in the PEM format with the private key and the certificate chain> |
| keystore_password: "<your password if the private key is encrypted with a password>" |
| truststore: <file path to the truststore file in the PEM format></pre> |
| </div> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="ssl-certificate-hot-reloading"><a class="anchor" href="#ssl-certificate-hot-reloading"></a>SSL Certificate Hot Reloading</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Beginning with Cassandra 4, Cassandra supports hot reloading of SSL |
| certificates. If SSL/TLS support is enabled in Cassandra and you are |
| using the default file-based key material, the node periodically (every |
| 10 minutes) polls the trust and key stores specified in |
| cassandra.yaml. When the files are updated, Cassandra reloads |
| them and uses them for subsequent connections. Please note that the |
| trust and key store passwords are part of the yaml, so the updated files |
| must use the same passwords.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If you are customizing the SSL configuration via the <code>ssl_context_factory</code> |
| setting, Cassandra polls (at the same periodic interval mentioned above) |
| your implementation to check whether the SSL certificates need to be |
| reloaded. See the <a href="https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/security/ISslContextFactory.java#L90">ISslContextFactory</a> documentation for more details. |
| If you are using one of Cassandra’s in-built SSL context factory |
| classes (for example, PEMBasedSslContextFactory) with file-based key |
| material, it supports hot reloading of the SSL certificates as |
| described above.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Certificate hot reloading may also be triggered using the |
| <code>nodetool reloadssl</code> command. Use this if you want Cassandra to |
| immediately notice the changed certificates.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="inter-node-encryption"><a class="anchor" href="#inter-node-encryption"></a>Inter-node Encryption</h3> |
| <div class="paragraph"> |
| <p>The settings for managing inter-node encryption are found in |
| <code>cassandra.yaml</code> in the <code>server_encryption_options</code> section. To enable |
| inter-node encryption, change the <code>internode_encryption</code> setting from |
| its default value of <code>none</code> to one value from: <code>rack</code>, <code>dc</code> or <code>all</code>.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="client-to-node-encryption"><a class="anchor" href="#client-to-node-encryption"></a>Client to Node Encryption</h3> |
| <div class="paragraph"> |
| <p>The settings for managing client to node encryption are found in |
| <code>cassandra.yaml</code> in the <code>client_encryption_options</code> section. There are |
| two primary toggles here for enabling encryption, <code>enabled</code> and |
| <code>optional</code>.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>If neither is set to <code>true</code>, client connections are entirely |
| unencrypted.</p> |
| </li> |
| <li> |
| <p>If <code>enabled</code> is set to <code>true</code> and <code>optional</code> is set to <code>false</code>, all |
| client connections must be secured.</p> |
| </li> |
| <li> |
| <p>If both options are set to <code>true</code>, both encrypted and unencrypted |
| connections are supported using the same port. Client connections using |
| encryption with this configuration will be automatically detected and |
| handled by the server.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>As an alternative to the <code>optional</code> setting, separate ports can also be |
| configured for secure and insecure connections where operational |
| requirements demand it. To do so, set <code>optional</code> to <code>false</code> and use the |
| <code>native_transport_port_ssl</code> setting in <code>cassandra.yaml</code> to specify the |
| port to be used for secure client communication.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="operation-roles"><a class="anchor" href="#operation-roles"></a>Roles</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Cassandra uses database roles, which may represent either a single user |
| or a group of users, in both authentication and permissions management. |
| Role management is an extension point in Cassandra and may be configured |
| using the <code>role_manager</code> setting in <code>cassandra.yaml</code>. The default |
| setting uses <code>CassandraRoleManager</code>, an implementation which stores role |
| information in the tables of the <code>system_auth</code> keyspace.</p> |
| </div> |
| <div class="paragraph"> |
| <p>See also the <a href="../../developing/cql/security.html#database-roles" class="page"><code>CQL documentation on roles</code></a>.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="authentication"><a class="anchor" href="#authentication"></a>Authentication</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Authentication is pluggable in Cassandra and is configured using the |
| <code>authenticator</code> setting in <code>cassandra.yaml</code>. Cassandra ships with two |
| options included in the default distribution.</p> |
| </div> |
| <div class="paragraph"> |
| <p>By default, Cassandra is configured with <code>AllowAllAuthenticator</code> which |
| performs no authentication checks and therefore requires no credentials. |
| It is used to disable authentication completely. Note that |
| authentication is a necessary condition of Cassandra’s permissions |
| subsystem, so if authentication is disabled, effectively so are |
| permissions.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The default distribution also includes <code>PasswordAuthenticator</code>, which |
| stores encrypted credentials in a system table. This can be used to |
| enable simple username/password authentication.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="password-authentication"><a class="anchor" href="#password-authentication"></a>Enabling Password Authentication</h3> |
| <div class="paragraph"> |
| <p>Before enabling client authentication on the cluster, client |
| applications should be pre-configured with their intended credentials. |
| When a connection is initiated, the server will only ask for credentials |
| once authentication is enabled, so setting up the client side config in |
| advance is safe. In contrast, as soon as a server has authentication |
| enabled, any connection attempt without proper credentials will be |
| rejected which may cause availability problems for client applications. |
| Once clients are set up and ready for authentication to be enabled, |
| follow this procedure to enable it on the cluster.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Pick a single node in the cluster on which to perform the initial |
| configuration. Ideally, no clients should connect to this node during |
| the setup process, so you may want to remove it from client config, |
| block it at the network level or possibly add a new temporary node to |
| the cluster for this purpose. On that node, perform the following steps:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Open a <code>cqlsh</code> session and change the replication factor of the |
| <code>system_auth</code> keyspace. By default, this keyspace uses |
| <code>SimpleReplicationStrategy</code> and a <code>replication_factor</code> of 1. It is |
| recommended to change this for any non-trivial deployment to ensure that |
| should nodes become unavailable, login is still possible. Best practice |
| is to configure a replication factor of 3 to 5 per-DC.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-cql hljs" data-lang="cql">ALTER KEYSPACE system_auth WITH replication = {'class': 'NetworkTopologyStrategy', 'DC1': 3, 'DC2': 3};</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="2"> |
| <li> |
| <p>Edit <code>cassandra.yaml</code> to change the <code>authenticator</code> option like so:</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-yaml hljs" data-lang="yaml">authenticator: PasswordAuthenticator</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="3"> |
| <li> |
| <p>Restart the node.</p> |
| </li> |
| <li> |
| <p>Open a new <code>cqlsh</code> session using the credentials of the default |
| superuser:</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">$ cqlsh -u cassandra -p cassandra</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="5"> |
| <li> |
| <p>During login, the credentials for the default superuser are read with |
| a consistency level of <code>QUORUM</code>, whereas those for all other users |
| (including superusers) are read at <code>LOCAL_ONE</code>. In the interests of |
| performance and availability, as well as security, operators should |
| create another superuser and disable the default one. This step is |
| optional, but highly recommended. While logged in as the default |
| superuser, create another superuser role which can be used to bootstrap |
| further configuration.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-cql hljs" data-lang="cql"># create a new superuser |
| CREATE ROLE dba WITH SUPERUSER = true AND LOGIN = true AND PASSWORD = 'super';</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="6"> |
| <li> |
| <p>Start a new <code>cqlsh</code> session, this time logging in as the new superuser |
| (<code>dba</code> in the example above), and disable the default superuser.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-cql hljs" data-lang="cql">ALTER ROLE cassandra WITH SUPERUSER = false AND LOGIN = false;</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="7"> |
| <li> |
| <p>Finally, set up the roles and credentials for your application users |
| with <a href="../../developing/cql/security.html#create-role" class="page"><code>CREATE ROLE</code></a> statements.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>At the end of these steps, the one node is configured to use password |
| authentication. To roll that out across the cluster, repeat steps 2 and |
| 3 on each node in the cluster. Once all nodes have been restarted, |
| authentication will be fully enabled throughout the cluster.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Note that using <code>PasswordAuthenticator</code> also requires the use of |
| <a href="../../developing/cql/security.html#operation-roles" class="page"><code>CassandraRoleManager</code></a>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>See also: <code>setting-credentials-for-internal-authentication</code>, |
| <a href="../../developing/cql/security.html#create-role" class="page"><code>CREATE ROLE</code></a>, |
| <a href="../../developing/cql/security.html#alter-role" class="page"><code>ALTER ROLE</code></a>, |
| <a href="#xref:cassandra:developing/cql/security.adoc#alter-keyspace" class="page unresolved"><code>ALTER KEYSPACE</code></a> and |
| <a href="../../developing/cql/security.html#grant-permission" class="page"><code>GRANT PERMISSION</code></a>.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="authorization"><a class="anchor" href="#authorization"></a>Authorization</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Authorization is pluggable in Cassandra and is configured using the |
| <code>authorizer</code> setting in <code>cassandra.yaml</code>. Cassandra ships with two |
| options included in the default distribution.</p> |
| </div> |
| <div class="paragraph"> |
| <p>By default, Cassandra is configured with <code>AllowAllAuthorizer</code> which |
| performs no checking and so effectively grants all permissions to all |
| roles. This must be used if <code>AllowAllAuthenticator</code> is the configured |
| authenticator.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The default distribution also includes <code>CassandraAuthorizer</code>, which does |
| implement full permissions management functionality and stores its data |
| in Cassandra system tables.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="enabling-internal-authorization"><a class="anchor" href="#enabling-internal-authorization"></a>Enabling Internal Authorization</h3> |
| <div class="paragraph"> |
| <p>Permissions are modelled as a whitelist, with the default assumption |
| that a given role has no access to any database resources. The |
| implication of this is that once authorization is enabled on a node, all |
| requests will be rejected until the required permissions have been |
| granted. For this reason, it is strongly recommended to perform the |
| initial setup on a node which is not processing client requests.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following assumes that authentication has already been enabled via |
| the process outlined in <a href="#password-authentication">Enabling Password Authentication</a>. Perform these steps |
| to enable internal authorization across the cluster:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>On the selected node, edit <code>cassandra.yaml</code> to change the <code>authorizer</code> |
| option like so:</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-yaml hljs" data-lang="yaml">authorizer: CassandraAuthorizer</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="2"> |
| <li> |
| <p>Restart the node.</p> |
| </li> |
| <li> |
| <p>Open a new <code>cqlsh</code> session using the credentials of a role with |
| superuser credentials:</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">$ cqlsh -u dba -p super</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="4"> |
| <li> |
| <p>Configure the appropriate access privileges for your clients using |
| <a href="../../developing/cql/security.html#grant-permission">GRANT PERMISSION</a> statements. On the |
| other nodes, until the configuration is updated and the node restarted, this |
| will have no effect, so disruption to clients is avoided.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-cql hljs" data-lang="cql">GRANT SELECT ON ks.t1 TO db_user;</code></pre> |
| </div> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic" start="5"> |
| <li> |
| <p>Once all the necessary permissions have been granted, repeat steps 1 |
| and 2 for each node in turn. As each node restarts and clients |
| reconnect, the enforcement of the granted permissions will begin.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>See also: <a href="../../developing/cql/security.html#grant-permission" class="page"><code>GRANT PERMISSION</code></a>, |
| <a href="../../developing/cql/security.html#grant-all" class="page"><code>GRANT ALL</code></a> and |
| <a href="../../developing/cql/security.html#revoke-permission" class="page"><code>REVOKE PERMISSION</code></a>.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="auth-caching"><a class="anchor" href="#auth-caching"></a>Caching</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Enabling authentication and authorization places additional load on the |
| cluster by frequently reading from the <code>system_auth</code> tables. |
| Furthermore, these reads are in the critical paths of many client |
| operations, and so have the potential to severely impact quality of |
| service. To mitigate this, auth data such as credentials, permissions |
| and role details are cached for a configurable period. The caching can |
| be configured (and even disabled) from <code>cassandra.yaml</code> or using a JMX |
| client. The JMX interface also supports invalidation of the various |
| caches, but any changes made via JMX are not persistent and will be |
| re-read from <code>cassandra.yaml</code> when the node is restarted.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Each cache has 3 options which can be set:</p> |
| </div> |
| <div class="dlist"> |
| <dl> |
| <dt class="hdlist1">Validity Period</dt> |
| <dd> |
| <p>Controls the expiration of cache entries. After this period, entries |
| are invalidated and removed from the cache.</p> |
| </dd> |
| <dt class="hdlist1">Refresh Rate</dt> |
| <dd> |
| <p>Controls the rate at which background reads are performed to pick up |
| any changes to the underlying data. While these async refreshes are |
| performed, caches will continue to serve (possibly) stale data. |
| Typically, this will be set to a shorter time than the validity |
| period.</p> |
| </dd> |
| <dt class="hdlist1">Max Entries</dt> |
| <dd> |
| <p>Controls the upper bound on cache size.</p> |
| </dd> |
| </dl> |
| </div> |
| <div class="paragraph"> |
| <p>The naming for these options in <code>cassandra.yaml</code> follows the convention:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>&lt;type&gt;_validity_in_ms</code></p> |
| </li> |
| <li> |
| <p><code>&lt;type&gt;_update_interval_in_ms</code></p> |
| </li> |
| <li> |
| <p><code>&lt;type&gt;_cache_max_entries</code></p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>Where <code>&lt;type&gt;</code> is one of <code>credentials</code>, <code>permissions</code>, or <code>roles</code>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>As mentioned, these are also exposed via JMX in the mbeans under the |
| <code>org.apache.cassandra.auth</code> domain.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="jmx-access"><a class="anchor" href="#jmx-access"></a>JMX access</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Access control for JMX clients is configured separately to that for CQL. |
| For both authentication and authorization, two providers are available; |
| the first based on standard JMX security and the second which integrates |
| more closely with Cassandra’s own auth subsystem.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The default settings for Cassandra make JMX accessible only from |
| localhost. To enable remote JMX connections, edit <code>cassandra-env.sh</code> |
| to change the <code>LOCAL_JMX</code> setting to |
| <code>no</code>. Under the standard configuration, when remote JMX connections are |
| enabled, <a href="#standard-jmx-auth">standard JMX authentication</a> is also |
| switched on.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Note that by default, local-only connections are not subject to |
| authentication, but this can be enabled.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If enabling remote connections, it is recommended to also use |
| <a href="#jmx-with-ssl"><code>SSL</code></a> connections.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Finally, after enabling auth and/or SSL, ensure that tools which use |
| JMX, such as <a href="../tools/nodetool/nodetool.html" class="page"><code>nodetool</code></a>, are correctly configured and working |
| as expected.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="standard-jmx-auth"><a class="anchor" href="#standard-jmx-auth"></a>Standard JMX Auth</h3> |
| <div class="paragraph"> |
| <p>Users permitted to connect to the JMX server are specified in a simple |
| text file. The location of this file is set in <code>cassandra-env.sh</code> by the |
| line:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=/etc/cassandra/jmxremote.password"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Edit the password file to add username/password pairs:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-none hljs" data-lang="none">jmx_user jmx_password</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Secure the credentials file so that only the user running the Cassandra |
| process can read it:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">$ chown cassandra:cassandra /etc/cassandra/jmxremote.password |
| $ chmod 400 /etc/cassandra/jmxremote.password</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Optionally, enable access control to limit the scope of what defined |
| users can do via JMX. Note that this is a fairly blunt instrument in |
| this context as most operational tools in Cassandra require full |
| read/write access. To configure a simple access file, uncomment this |
| line in <code>cassandra-env.sh</code>:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">#JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.access.file=/etc/cassandra/jmxremote.access"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Then edit the access file to grant your JMX user readwrite permission:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-none hljs" data-lang="none">jmx_user readwrite</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Cassandra must be restarted to pick up the new settings.</p> |
| </div> |
| <div class="paragraph"> |
| <p>See also: |
| <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html#gdenv">Using |
| File-Based Password Authentication In JMX</a></p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="cassandra-integrated-auth"><a class="anchor" href="#cassandra-integrated-auth"></a>Cassandra Integrated Auth</h3> |
| <div class="paragraph"> |
| <p>An alternative to the out-of-the-box JMX auth is to use Cassandra’s own |
| authentication and/or authorization providers for JMX clients. This is |
| potentially more flexible and secure, but it comes with one major caveat: |
| it is not available until <span class="title-ref">after</span> a node has |
| joined the ring, because the auth subsystem is not fully configured |
| until that point. However, it is often critical for monitoring purposes |
| to have JMX access, particularly during bootstrap. So it is recommended, |
| where possible, to use local-only JMX auth during bootstrap and then, if |
| remote connectivity is required, to switch to integrated auth once the |
| node has joined the ring and initial setup is complete.</p> |
| </div> |
| <div class="paragraph"> |
| <p>With this option, the same database roles used for CQL authentication |
| can be used to control access to JMX, so updates can be managed |
| centrally using just <code>cqlsh</code>. Furthermore, fine-grained control over |
| exactly which operations are permitted on particular MBeans can be |
| achieved via <a href="../../developing/cql/security.html#grant-permission" class="page"><code>GRANT PERMISSION</code></a>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>To enable integrated authentication, edit <code>cassandra-env.sh</code> to |
| uncomment these lines:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">#JVM_OPTS="$JVM_OPTS -Dcassandra.jmx.remote.login.config=CassandraLogin" |
| #JVM_OPTS="$JVM_OPTS -Djava.security.auth.login.config=$CASSANDRA_HOME/conf/cassandra-jaas.config"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>And disable the JMX standard auth by commenting this line:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=/etc/cassandra/jmxremote.password"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>To enable integrated authorization, uncomment this line:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">#JVM_OPTS="$JVM_OPTS -Dcassandra.jmx.authorizer=org.apache.cassandra.auth.jmx.AuthorizationProxy"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Check standard access control is off by ensuring this line is commented |
| out:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">#JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.access.file=/etc/cassandra/jmxremote.access"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>With integrated authentication and authorization enabled, operators can |
| define specific roles and grant them access to the particular JMX |
| resources that they need. For example, a role with the necessary |
| permissions to use tools such as jconsole or jmc in read-only mode would |
| be defined as:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-cql hljs" data-lang="cql">CREATE ROLE jmx WITH LOGIN = false; |
| GRANT SELECT ON ALL MBEANS TO jmx; |
| GRANT DESCRIBE ON ALL MBEANS TO jmx; |
| GRANT EXECUTE ON MBEAN 'java.lang:type=Threading' TO jmx; |
| GRANT EXECUTE ON MBEAN 'com.sun.management:type=HotSpotDiagnostic' TO jmx; |
| |
| # Grant the role with necessary permissions to use nodetool commands (including nodetool status) in read-only mode |
| GRANT EXECUTE ON MBEAN 'org.apache.cassandra.db:type=EndpointSnitchInfo' TO jmx; |
| GRANT EXECUTE ON MBEAN 'org.apache.cassandra.db:type=StorageService' TO jmx; |
| |
| # Grant the jmx role to one with login permissions so that it can access the JMX tooling |
| CREATE ROLE ks_user WITH PASSWORD = 'password' AND LOGIN = true AND SUPERUSER = false; |
| GRANT jmx TO ks_user;</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Fine grained access control to individual MBeans is also supported:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-cql hljs" data-lang="cql">GRANT EXECUTE ON MBEAN 'org.apache.cassandra.db:type=Tables,keyspace=test_keyspace,table=t1' TO ks_user; |
| GRANT EXECUTE ON MBEAN 'org.apache.cassandra.db:type=Tables,keyspace=test_keyspace,table=*' TO ks_owner;</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>This permits the <code>ks_user</code> role to invoke methods on the MBean |
| representing a single table in <code>test_keyspace</code>, while granting the same |
| permission for all table level MBeans in that keyspace to the <code>ks_owner</code> |
| role.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Adding/removing roles and granting/revoking of permissions is handled |
| dynamically once the initial setup is complete, so no further restarts |
| are required if permissions are altered.</p> |
| </div> |
| <div class="paragraph"> |
| <p>See also: <a href="../../developing/cql/security.html#permissions" class="page"><code>Permissions</code></a>.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="jmx-with-ssl"><a class="anchor" href="#jmx-with-ssl"></a>JMX With SSL</h3> |
| <div class="paragraph"> |
| <p>JMX SSL configuration is controlled by a number of system properties, |
| some of which are optional. To turn on SSL, edit the relevant lines in |
| <code>cassandra-env.sh</code> to uncomment and |
| set the values of these properties as required:</p> |
| </div> |
| <div class="dlist"> |
| <dl> |
| <dt class="hdlist1"><code>com.sun.management.jmxremote.ssl</code></dt> |
| <dd> |
| <p>set to true to enable SSL</p> |
| </dd> |
| <dt class="hdlist1"><code>com.sun.management.jmxremote.ssl.need.client.auth</code></dt> |
| <dd> |
| <p>set to true to enable validation of client certificates</p> |
| </dd> |
| <dt class="hdlist1"><code>com.sun.management.jmxremote.registry.ssl</code></dt> |
| <dd> |
| <p>enables SSL sockets for the RMI registry from which clients obtain the |
| JMX connector stub</p> |
| </dd> |
| <dt class="hdlist1"><code>com.sun.management.jmxremote.ssl.enabled.protocols</code></dt> |
| <dd> |
| <p>by default, the protocols supported by the JVM will be used, override |
| with a comma-separated list. Note that this is not usually necessary |
| and using the defaults is the preferred option.</p> |
| </dd> |
| <dt class="hdlist1"><code>com.sun.management.jmxremote.ssl.enabled.cipher.suites</code></dt> |
| <dd> |
| <p>by default, the cipher suites supported by the JVM will be used, |
| override with a comma-separated list. Note that this is not usually |
| necessary and using the defaults is the preferred option.</p> |
| </dd> |
| <dt class="hdlist1"><code>javax.net.ssl.keyStore</code></dt> |
| <dd> |
| <p>set the path on the local filesystem of the keystore containing server |
| private keys and public certificates</p> |
| </dd> |
| <dt class="hdlist1"><code>javax.net.ssl.keyStorePassword</code></dt> |
| <dd> |
| <p>set the password of the keystore file</p> |
| </dd> |
| <dt class="hdlist1"><code>javax.net.ssl.trustStore</code></dt> |
| <dd> |
| <p>if validation of client certificates is required, use this property to |
| specify the path of the truststore containing the public certificates |
| of trusted clients</p> |
| </dd> |
| <dt class="hdlist1"><code>javax.net.ssl.trustStorePassword</code></dt> |
| <dd> |
| <p>set the password of the truststore file</p> |
| </dd> |
| </dl> |
| </div> |
| <div class="paragraph"> |
| <p>See also: |
| <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html#gdemv">Oracle |
| Java7 Docs</a>, |
| <a href="https://www.lullabot.com/articles/monitor-java-with-jmx">Monitor Java |
| with JMX</a></p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="crypto-providers"><a class="anchor" href="#crypto-providers"></a>Crypto providers</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>The ability to specify a custom Java Crypto Provider was added as part of <a href="https://issues.apache.org/jira/browse/CASSANDRA-18624">CASSANDRA-18624</a></p> |
| </div> |
| <div class="paragraph"> |
| <p>The default configuration of <code>crypto_provider</code> in <code>cassandra.yaml</code> looks like this:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="highlightjs highlight"><code class="language-none hljs" data-lang="none"># Configures Java crypto provider. By default, it will use |
| # DefaultCryptoProvider which will install Amazon Correto |
| # Crypto Provider. |
| # |
| # Amazon Correto Crypto Provider works currently for |
| # x86_64 and aarch_64 platforms. If this provider fails it will |
| # fall back to the default crypto provider in the JRE. |
| # |
| # To force failure when the provider was not installed properly, |
| # set the property "fail_on_missing_provider" to "true". |
| # |
| # To bypass the installation of a crypto provider use |
| # class 'org.apache.cassandra.security.JREProvider' |
| # |
| crypto_provider: |
| - class_name: org.apache.cassandra.security.DefaultCryptoProvider |
| parameters: |
| - fail_on_missing_provider: "false"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Older nodes that upgrade to Cassandra 5.0 with an unchanged <code>cassandra.yaml</code> |
| in which the <code>crypto_provider</code> section is not yet set will default to <code>JREProvider</code>, which does not |
| install any provider and instead uses whichever provider is in the JRE Cassandra runs with.</p> |
| </div> |
| <div class="paragraph"> |
| <p>As the above snippet shows, <code>DefaultCryptoProvider</code> installs the |
| <a href="https://github.com/corretto/amazon-corretto-crypto-provider">Amazon Corretto Crypto Provider</a>, which has been shown to be |
| considerably more performant than the default crypto providers in a JRE installation.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If you want to use another crypto provider, you have two options.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The first one is to configure your JRE, specifically its |
| <code>java.security</code> file, to instruct the JRE which crypto provider to use. You would also need to put the |
| implementation of that crypto provider on the JRE's class path.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The second option is to implement your own crypto provider by extending |
| <code>org.apache.cassandra.security.AbstractCryptoProvider</code> and implementing four methods:</p> |
| </div> |
| <div class="dlist"> |
| <dl> |
| <dt class="hdlist1">getProviderName</dt> |
| <dd> |
| <p>Returns the name of your provider.</p> |
| </dd> |
| <dt class="hdlist1">getProviderClassAsString</dt> |
| <dd> |
| <p>Returns the fully qualified class name (FQCN) of your actual crypto provider, which extends <code>java.security.Provider</code>.</p> |
| </dd> |
| <dt class="hdlist1">installator</dt> |
| <dd> |
| <p>Returns a <code>Runnable</code> which installs your <code>java.security.Provider</code> at runtime.</p> |
| </dd> |
| <dt class="hdlist1">isHealthyInstallation</dt> |
| <dd> |
| <p>Returns <code>true</code> if the installation is <em>healthy</em>, false otherwise. This serves as a way |
| to check if the installation of your provider was successful or not.</p> |
| </dd> |
| </dl> |
| </div> |
| <div class="paragraph"> |
| <p>Upon installation of a crypto provider, <code>AbstractCryptoProvider</code> checks whether the provider you want to |
| install is already installed. If it is installed and its installation position is <code>1</code> (providers are |
| installed in an order), a message is logged about this fact. This case may happen if you configured |
| your JRE directly via <code>java.security</code> and also try to install the same provider through Cassandra.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If it is already installed but not in the first position, and <code>fail_on_missing_provider</code> is set to <code>true</code>, |
| an exception is thrown and the node fails to start. The same happens if the installation of |
| the provider itself is not successful.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Platform-specific libraries are added to Cassandra’s class path automatically by the <code>cassandra.in.sh</code> script. |
| Currently, there are <code>lib/aarch64</code> and <code>lib/x86_64</code> directories with JAR files for each respective architecture. |
| The platform is determined by the output of the <code>uname -m</code> command.</p> |
| </div> |
| </div> |
| </div> |
| </article> |
| </main> |
| </div> |
| </div> |
| </div> |
| </body> |
| </html> |