Configuring DSE Unified Authentication

Overview of the DSE Unified Authentication configuration process.

DSE Unified Authentication configuration has three parts:

Deprecated property values in cassandra.yaml 

With DSE Unified Authentication, the following property values in cassandra.yaml are deprecated for use with DataStax Enterprise 5.0 and later:
  • role_manager: CassandraRoleManager (deprecated)

    Instead, specify to use the DataStax Enterprise internal role manager with role_manager: DseRoleManager

  • authenticator: com.datastax.bdp.cassandra.auth.LdapAuthenticator (deprecated)

    Instead, use authenticator: com.datastax.bdp.cassandra.auth.DseAuthenticator and then in the authentication_options section of dse.yaml use default_scheme: ldap.

  • authenticator: com.datastax.bdp.cassandra.auth.KerberosAuthenticator (deprecated)

    Instead, use authenticator: com.datastax.bdp.cassandra.auth.DseAuthenticator and then in the authentication_options section of dse.yaml use default_scheme: kerberos or other_schemes: kerberos.

The location of the dse.yaml file depends on the type of installation:
Installer-Services /etc/dse/dse.yaml
Package installations /etc/dse/dse.yaml
Installer-No Services install_location/resources/dse/conf/dse.yaml
Tarball installations install_location/resources/dse/conf/dse.yaml
The location of the cassandra.yaml file depends on the type of installation:
Installer-Services /etc/dse/cassandra/cassandra.yaml
Package installations /etc/dse/cassandra/cassandra.yaml
Installer-No Services install_location/resources/cassandra/conf/cassandra.yaml
Tarball installations install_location/resources/cassandra/conf/cassandra.yaml