You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by Apache Wiki <wi...@apache.org> on 2011/11/10 17:07:53 UTC
[Cassandra Wiki] Update of "SimpleAuthenticator" by DavidAllsopp
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Cassandra Wiki" for change notification.
The "SimpleAuthenticator" page has been changed by DavidAllsopp:
http://wiki.apache.org/cassandra/SimpleAuthenticator?action=diff&rev1=3&rev2=4
(Alter the paths to the configuration files depending on where placed the files.)
+ === Caveats ===
+
+ Note that this authentication/authorization is applied to Thrift requests from clients. It is not applied to inter-node messages. This means that an attacker with access to the network used by your cluster could bypass authentication/authorization to cause damage or extract data, by directly crafting and sending inter-node messages. Server nodes should therefore be protected from clients and other hosts by firewall rules.
+
+ If there are untrusted people or systems on your datacenter network, you can additionally enable inter-node encryption, which prevents the type of attack described in the previous paragraph.
+