NoSQL: Cassandra introduces Role Based Authentication ~ Tech Blog

Prior to Cassandra 2.2, it supports only User base authentication, but now Cassandra introduces new Role-based authentication.

In this post, I am sharing a demonstration on how to create a Role in Cassandra and How to assign different permissions to that role.
You can directly use this Role for authentication and you can also assign same Role permission to another role.

First, login with Cassandra’s super user.

1

cqlsh -u cassanddra -p cassandra

Create keyspace if not exists:

1

2

3

CREATE KEYSPACE IF NOT EXISTS dbrnd WITH replication = {'class': 'SimpleStrategy', 'replication_factor' : 3};

USE dbrnd;

Create few sample tables:

1

2

3

4

5

6

7

8

9

10

11

12

13

CREATE TABLE IF NOT EXISTS tbl_Employee 

(

 EmpID INT PRIMARY KEY

 ,EmpFirstName VARCHAR

 ,EmpLastName VARCHAR

 ,EmpSalary INT

);

CREATE TABLE IF NOT EXISTS tbl_Department

(

 DeptID INT PRIMARY KEY

 ,DeptName VARCHAR

);

Create one sample Role without Superuser access:
If you get this error : “org.apache.cassandra.auth.CassandraRoleManager doesn’t support PASSWORD”, visit this solution.

1

CREATE ROLE ReportingRole WITH PASSWORD = 'pass123' AND LOGIN = true AND SUPERUSER = false;

Grant different permissions to this Role:

1

2

GRANT SELECT ON dbrnd.tbl_Employee TO ReportingRole;

GRANT MODIFY ON dbrnd.tbl_Department TO ReportingRole;

If you get any error like ” GRANT operation is not supported by AllowAllAuthorizer”, you have to modify the value of “authorizer” in cassandra.yaml file.

1

2

3

4

5

 -- Old value:

 authorizer: AllowAllAuthorizer

 -- Change to this New value:

 authorizer: org.apache.cassandra.auth.CassandraAuthorizer

Grant over the all keyspaces:

1

2

GRANT SELECT ON ALL KEYSPACES TO ReportingRole;

GRANT MODIFY ON ALL KEYSPACES TO ReportingRole;

Create new test Role and make it a replica of the current role:

1

2

3

CREATE ROLE Test WITH PASSWORD = 'pass123' AND LOGIN = true AND SUPERUSER = false;

GRANT ReportingRole to Test;

List out all Roles and its permissions:

1

2

3

4

-- List out all Roles.

LIST ROLES;

-- List out all permissions of the Role.

LIST ALL PERMISSIONS OF ReportingRole;

Tech Blog

Wednesday 25 July 2018

NoSQL: Cassandra introduces Role Based Authentication

0 comments:

Post a Comment

Total Pageviews

Achievement

Live Traffic

Followers

About Me

I V RAMANA

Recent Comments

Categories

Popular Posts

Hot Topics

Video

News

Comments

Recent

Bottom Ad [Post Page]

Recent Posts

Mysql - How to reset the administrator password in ISPConfig 3

Socialize

Blog Archive

Search This Blog

Post Top Ad

Archive

Post Bottom Ad

Author Details

About Me

Tags

Full width home advertisement

Pages

Post Page Advertisement [Top]

Climb the mountains

Wednesday 25 July 2018

0 comments:

Post a Comment

Total Pageviews

Achievement

Live Traffic

Subscribe To

Followers

About Me

I V RAMANA

Recent Comments

Categories

Popular Posts

Hot Topics

Video

News

Comments

Recent

Bottom Ad [Post Page]

Recent Posts

Mysql - How to reset the administrator password in ISPConfig 3

Socialize

Blog Archive

Search This Blog

Post Top Ad

Archive

Post Bottom Ad

Author Details

About Me

Tags

Full width home advertisement

Pages

Post Page Advertisement [Top]

Climb the mountains