Hi Dean, The new authentication modules currently uses a QUORUM consistency level when checking the user. That is the reason why it doesn't work in version 1.2.2.
I thing that using LOCAL_QUORUM or ONE CL instead of QUORUM should solve this problem. But I didn't see any option in 1.2.2. Regards. Jean Armel 2013/3/4 Hiller, Dean <dean.hil...@nrel.gov> > I thought there was already a LOCAL_QUOROM option so things continue to > work when you get data center split. > > There was also TWO I think as well which allowed 4 nodes(2 in each data > center) so you can continue to write when data center splits. > > Dean > > From: Jean-Armel Luce <jaluc...@gmail.com<mailto:jaluc...@gmail.com>> > Reply-To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org>" < > user@cassandra.apache.org<mailto:user@cassandra.apache.org>> > Date: Monday, March 4, 2013 9:12 AM > To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org>" < > user@cassandra.apache.org<mailto:user@cassandra.apache.org>> > Subject: Re: Consistency level for system_auth keyspace > > Hi Aaron, > > I have open a ticket in Jira : > https://issues.apache.org/jira/browse/CASSANDRA-5310 > Reading the user using the QUORUM consistency level means that in case of > network outage, you are unable to open a connection, and all your data > become unavailable. > > Regards. > > Jean Armel > > 2013/3/4 aaron morton <aa...@thelastpickle.com<mailto: > aa...@thelastpickle.com>> > In this case, it means that if there is a network split between the 2 > datacenters, it is impossible to get the quorum, and all connections will > be rejected. > Yes. > > Is there a reason why Cassandra uses the Quorum consistency level ? > I would guess to ensure there is a single, cluster wide, set of > permissions. > > Using LOCAL or one could result in some requests that are rejected being > allowed on other nodes. > > Cheers > > > ----------------- > Aaron Morton > Freelance Cassandra Developer > New Zealand > > @aaronmorton > http://www.thelastpickle.com > > On 1/03/2013, at 6:40 AM, Jean-Armel Luce <jaluc...@gmail.com<mailto: > jaluc...@gmail.com>> wrote: > > Hi, > > > I am using Cassandra 1.2.2. > There are 16 nodes in my cluster in 2 datacenters (8 nodes in each > datacenter). > I am using NetworkTopologyStrategy. > > For information, I set a RF = 6 (3 replicas in each datacenter) > > With 1.2.2, I am using the new authentication backend > PasswordAuthenticator with the authorizer CassandraAuthorizer. > > In the documentation ( > http://www.datastax.com/docs/1.2/security/security_keyspace_replication#security-keyspace-replication), > it is written that for all system_auth-related queries, Cassandra uses the > QUORUM consistency level. > > In this case, it means that if there is a network split between the 2 > datacenters, it is impossible to get the quorum, and all connections will > be rejected. > > Is there a reason why Cassandra uses the Quorum consistency level ? > Maybe a local_quorum conssitency level (or a one consistency level) could > do the job ? > > Regards > Jean Armel > > >
