Jump to main content
Securing the database
Cassandra database security features.
Allow only authenticated users to access the database.
About Internal authentication
Internal authentication stores login roles and passwords in the database.
Configuring authentication
Steps for configuring authentication.
Using cqlsh with authentication
How to create a cqlshrc file to default to set credentials when launching cqlsh.
Control access to database resources.
Object permissions
Granting or revoking privileges on database resources.
Configuring internal authorization
Steps for adding the CassandraAuthorizer.
Authenticate tool users and control access to MBeans.
JMX Authentication and Authorization
JMX authentication is based on either JMX usernames and passwords or internal-database roles and passwords.
Enabling JMX authentication and authorization
Steps to enable remote JMX connections.
Using nodetool with authentication
How to use nodetool with authentication.
Using jconsole with authentication
How to use jconsole with authentication.
Encrypt intern node communication as well as client to cluster.
Encrypting database connections with SSL
Encrypt both internode and client-to-server communications using SSL.
Installing Java Cryptography Extension (JCE) Files
Installing the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.
Preparing server certificates for development
Steps to generate SSL certificates for client-to-node encryption or node-to-node encryption in a development environment.
Preparing SSL certificates for production
Steps to generate SSL certificates for client-to-node encryption or node-to-node encryption using a self-signed Certificate Authority (CA) in a production environment.
Node-to-node encryption
Node-to-node (internode) encryption protects data transferred between nodes in a cluster, including gossip communications, using SSL (Secure Sockets Layer).
Client-to-node encryption
Client-to-node encryption protects data in flight from client machines to a database cluster using SSL (Secure Sockets Layer).
Using cqlsh with SSL
Using a cqlshrc file with SSL encryption using a self-signed CA.
Using nodetool (JMX) with SSL encryption
Using nodetool with SSL encryption.
Using jconsole (JMX) with SSL encryption
Using jconsole with SSL encryption.
Configuring firewall port access
Which ports to open when nodes are protected by a firewall.