Configuring internal authorization
CassandraAuthorizer is one of many possible IAuthorizer implementations, and the one that stores permissions in the system_auth.permissions table to support all authorization-related CQL 3 statements. Configuration consists mainly of changing the authorizer option in the cassandra.yaml to use the CassandraAuthorizer.
In the cassandra.yaml, comment out the default AllowAllAuthorizer and add the
#authorizer: org.apache.cassandra.auth.AllowAllAuthorizer authorizer: org.apache.cassandra.auth.CassandraAuthorizerYou can use any authenticator except AllowAll.
- Configure the replication factor for the system_auth keyspace.
- Adjust the validity period for permissions caching by setting the permissions_validity_in_ms option in the cassandra.yaml. Alternatively, disable permission caching by setting this option to 0.