Cassandra 1.2.19 We would like to turn on Cassandra's internal security (PasswordAuthenticator and CassandraAuthorizer) on the ring (away from AllowAll). (Clients are already passing credentials in their connections.) However, I know all nodes have to be switched to those before the basic security objects (system_auth) are created. So, an outage would be required to change all the nodes, let system_auth get created, alter system_auth for replication strategy, create all the users/permissions, repair system_auth.
For DataStax, there is a TransitionalAuthorizer that allows the system_auth to get created, but doesn't really require passwords. So, with a double, rolling bounce, you can implement security with no downtime. Anything like that for open source? Any other ways you have activated security without downtime? Sean R. Durity ________________________________ The information in this Internet Email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this Email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this Email are subject to the terms and conditions expressed in any applicable governing The Home Depot terms of business or client engagement letter. The Home Depot disclaims all responsibility and liability for the accuracy and content of this attachment and for any damages or losses arising from any inaccuracies, errors, viruses, e.g., worms, trojan horses, etc., or other items of a destructive nature, which may be contained in this attachment and shall not be liable for direct, indirect, consequential or special damages in connection with this e-mail message or its attachment.
