Database Reference
In-Depth Information
Figure 4-23
.
Trying to create a user with AllowAllAuthenticator while not logged in
7.
We can alter the
system_auth
keyspace for replication strategy as:
alter keyspace system_auth with replication =
{'class':'SimpleStrategy','replication_factor':3};
With this recipe, we conclude that we can alter the
system_auth
keyspace but
we cannot create a user with
AllowAllAuthenticator
(authentication disabled).
When authenticating on a Cassandra server using default user credentials, you must
configure the consistency level as
QUORUM
.
Let's discuss SSL encryption and connecting cqlsh and Thrift clients when encryp-
tion is enabled.
Preparing Server Certificates
In recent years, social media and Internet-based applications made data accessibility
and sharing possible all over the world. SSL protocols are used to send encrypted data
over the Internet with secure communication.
For client-server or internode communication over SSL, we need to prepare server
certificates. A
keystore
file contains server keys, whereas a
Truststore
contains trusted
SSL certificates for all clients or nodes.
Before we start a new recipe, let's discuss some possible errors and resolutions up
front. After configuring and upon starting the Cassandra server, if we receive an error
such as the following, we need to configure the installed Java version with the Java
cryptography extension (JCE).
Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with
currently installed providers
Download the JCE package from:
