Hello Justin and thank you for your answer.
Yes, I am aware of that mechanism.
What we need to accomplish is to add some extra validations to the
certificate in a new Authenticator and in order to get the certificates
for the current connection we need the ServerConnection object or the
sslHandle
Hi Horia,
Are you aware that Cassandra already supports two-way SSL certificate
authentication? Take a look at the require_client_auth option under
client_encryption_options in cassandra.yaml:
http://cassandra.apache.org/doc/latest/configuration/cassandra_config_file.html#client-encryption-options
Thank you Jeff & Harika.
Yes, I am aware of that mechanism. What we need to do is to add some
extra validations on the certificate used for securing the connection.
So, in order to do this in our Authenticator, we need a way to grab the
sslHandler which can be obtained from the ServerConnection.
Horia,
By just changing Authenticator and Authorizer in cassandra.yaml and adding
custom libraries in /usr/share/cassandra/ you can plugin to custom
authentication
sed -ri \
-e 's/^(authenticator:).*/\1
'com.cassandra.LdapCassandraAuthenticator'/' \
-e 's/^(autho
This might be better on the dev list, but the Authenticator and Authorizer
interfaces should let you drop a jar in the classpath and turn them on in the
yaml - you shouldn’t NEED to change much code, but that doesn’t mean the the
interfaces have considered your use case.
If the interfaces are i
