It isn't very well documented apparently, but if you are using 0.6, you can look at the 'Authenticator' property in the default config for an explanation of how to authenticate users.
With the SimpleAuthenticator implementation, there are properties files that define your users and passwords, and there is a thrift method 'login' that must be called before any other operations. I'll add this to the wiki. -----Original Message----- From: "S Ahmed" <sahmed1...@gmail.com> Sent: Wednesday, April 21, 2010 4:19pm To: user@cassandra.apache.org Subject: security, firewall level only? Is security in terms of remote clients connecting to a cassandra node done purely at the hardware/firewall level? i.e. there is no username/pwd like in mysql/sqlserver correct? Or permissions at the column family level per user ?