You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@cassandra.apache.org by "Li, Guangxing" <gu...@pearson.com> on 2016/10/31 16:50:19 UTC
Does securing C*'s CQL native interface (running on port 9042)
automatically secure its Thrift API interface (running on port 9160)?
Hi,
I secured my C* cluster by having "authenticator:
org.apache.cassandra.auth.PasswordAuthenticator" in cassandra.yaml. I know
it secures the CQL native interface running on port 9042 because my code
uses such interface. Does this also secure the Thrift API interface running
on port 9160? I searched around the web for answers but could not find any.
I supposed I can write a sample application using Thrift API interface to
confirm it, but wondering if I can get a quick answer from you experts.
Thanks.
George.
Re: Does securing C*'s CQL native interface (running on port 9042)
automatically secure its Thrift API interface (running on port 9160)?
Posted by Sam Tunnicliffe <sa...@beobal.com>.
It does, yes. Clients will be required to call the thrift login method with
a valid set of credentials before performing any other RPC calls.
btw, in versions of C* >= 2.2 the Thrift server is not enabled by default
(CASSANDRA-9319).
On Mon, Oct 31, 2016 at 4:50 PM, Li, Guangxing <gu...@pearson.com>
wrote:
> Hi,
>
> I secured my C* cluster by having "authenticator:
> org.apache.cassandra.auth.PasswordAuthenticator" in cassandra.yaml. I
> know it secures the CQL native interface running on port 9042 because my
> code uses such interface. Does this also secure the Thrift API interface
> running on port 9160? I searched around the web for answers but could not
> find any. I supposed I can write a sample application using Thrift API
> interface to confirm it, but wondering if I can get a quick answer from you
> experts.
>
> Thanks.
>
> George.
>