You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by Apache Wiki <wi...@apache.org> on 2011/11/10 17:07:53 UTC

[Cassandra Wiki] Update of "SimpleAuthenticator" by DavidAllsopp

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Cassandra Wiki" for change notification.

The "SimpleAuthenticator" page has been changed by DavidAllsopp:
http://wiki.apache.org/cassandra/SimpleAuthenticator?action=diff&rev1=3&rev2=4

  
  (Alter the paths to the configuration files depending on where placed the files.)
  
+ === Caveats ===
+ 
+ Note that this authentication/authorization is applied to Thrift requests from clients. It is not applied to inter-node messages. This means that an attacker with access to the network used by your cluster could bypass authentication/authorization to cause damage or extract data, by directly crafting and sending inter-node messages. Server nodes should therefore be protected from clients and other hosts by firewall rules.
+ 
+ If there are untrusted people or systems on your datacenter network, you can additionally enable inter-node encryption, which prevents the type of attack described in the previous paragraph.
+