Using internal or LDAP authentication
Authenticate the DataStax Apache Kafka Connector session using internal or LDAP authentication.
dse.yaml
The location of the dse.yaml file depends on the type of installation:Package installations | /etc/dse/dse.yaml |
Tarball installations | installation_location/resources/dse/conf/dse.yaml |
cassandra.yaml
The location of the cassandra.yaml file depends on the type of installation:Package installations | /etc/dse/cassandra/cassandra.yaml |
Tarball installations | installation_location/resources/cassandra/conf/cassandra.yaml |
Procedure
- Verify whether your cluster has internal or LDAP authentication enabled. Refer to the authentication options in the dse.yaml file. Authentication options for the DSE Authenticator allow you to use multiple schemes for authentication simultanelously in a DataStax Enterprise cluster.
-
Additional authenticator configuration is required in
dse.yaml when the authorization option in
cassandra.yaml is set to
com.datastax.bdp.cassandra.auth.DseAuthorizer
. When authorization is enabled, the DataStax Apache Kafka Connector login role must have a minimum ofmodify
privileges on tables receiving data from the DataStax Apache Kafka Connector. For details, refer to the authorization options. -
In dse.yaml, there are options to configure LDAP
security when the authenticator option in cassandra.yaml
is set to
com.datastax.bdp.cassandra.auth.DseAuthenticator
. When not set, LDAP authentication is not used. The default in dse.yaml is that this setting is commented out (false). For details, refer to Defining an LDAP scheme. - Internal and LDAP schemes can also be used for role management. Refer to the role management options.
-
Set the relevant auth parameters in dse.yaml for
auth.provider
,auth.username
(the login role name or LDAP username), andauth.password
. See parameters.