Configuring internal authorization
Steps for adding the CassandraAuthorizer.
CassandraAuthorizer is one of many possible IAuthorizer implementations, and the one that stores permissions in the system_auth.permissions table to support all authorization-related CQL 3 statements. Configuration consists mainly of changing the authorizer option in the cassandra.yaml to use the CassandraAuthorizer.
In the cassandra.yaml file, comment out the default
AllowAllAuthorizer and add the CassandraAuthorizer.
#authorizer: org.apache.cassandra.auth.AllowAllAuthorizer authorizer: org.apache.cassandra.auth.CassandraAuthorizerYou can use any authenticator except AllowAll.
- Configure the replication factor for the system_auth keyspace.
Adjust the validity period for permissions caching by setting the permissions_validity_in_ms option in the cassandra.yaml.
Alternatively, disable permission caching by setting this option to 0.