In my previous article, I have introduced on how can we begin with installation and configuration, and this article more focused on further Cassandra management. I will also share my experiences regarding this.
Change Password of Super User
This article mainly focuses on users management. In previous chapter I have discussed up-to network connection, we just used the command
cqlsh [SERVER-ADDRESS]
Magically it got connected, I did not have any idea regarding users. Because of security, database comes with users with different roles and the defined user only has access the database. It was my fault that I could notice that at first, actually cassandra comes with default super user cassadra with password cassandra. The first step is to change the cassandra password as soon as possible.
root user: cassandra
default password:cassandra
So, first begin with changing password. I tried login without password, and executed the following command:
cqlsh [SERVER-ADDRESS]
alter user cassandra with password '**********';
I got error saying "..CassandraRoleManager does not support PASSWORD", initially that sound weird, but later I noticed that we have to further modify configuration in conf/cassandra.yaml file.
Find the line with authenticator, and modify it to
authenticator: PasswordAuthenticator
authorizer: CassandraAuthorizer
Restart cassandra service to activate these configurations, now we need user name and password to connect to database. And, good news, is we can now alter password of default superuser (cassandra).
alter user cassandra with password '*****************';
Create Custom User
We have to first note that, there are two types of users in cassandra, supseruser and nonsuperuser. The difference is clear, superuser has some elevated roles compared to nonsuperuser. Superusers can create new users, delete users, change passwords of users, while normal users can only change their own password.
So, to create a custom user you have to be a superuser. First we login with superuser:
csqlsh [SERVER-ADDRESS] -u cassandra
Provide password for cassandra. Then, after successful login, we provide the following command:
create user if not exists frietec with password '********' supseruser;
Thats it! Now, we created users and defined roles to access.
Change Password of Super User
This article mainly focuses on users management. In previous chapter I have discussed up-to network connection, we just used the command
cqlsh [SERVER-ADDRESS]
Magically it got connected, I did not have any idea regarding users. Because of security, database comes with users with different roles and the defined user only has access the database. It was my fault that I could notice that at first, actually cassandra comes with default super user cassadra with password cassandra. The first step is to change the cassandra password as soon as possible.
root user: cassandra
default password:cassandra
So, first begin with changing password. I tried login without password, and executed the following command:
cqlsh [SERVER-ADDRESS]
alter user cassandra with password '**********';
I got error saying "..CassandraRoleManager does not support PASSWORD", initially that sound weird, but later I noticed that we have to further modify configuration in conf/cassandra.yaml file.
Find the line with authenticator, and modify it to
authenticator: PasswordAuthenticator
authorizer: CassandraAuthorizer
Restart cassandra service to activate these configurations, now we need user name and password to connect to database. And, good news, is we can now alter password of default superuser (cassandra).
alter user cassandra with password '*****************';
Create Custom User
We have to first note that, there are two types of users in cassandra, supseruser and nonsuperuser. The difference is clear, superuser has some elevated roles compared to nonsuperuser. Superusers can create new users, delete users, change passwords of users, while normal users can only change their own password.
So, to create a custom user you have to be a superuser. First we login with superuser:
csqlsh [SERVER-ADDRESS] -u cassandra
Provide password for cassandra. Then, after successful login, we provide the following command:
create user if not exists frietec with password '********' supseruser;
Thats it! Now, we created users and defined roles to access.
No comments:
Post a Comment