SimpleAuthenticator and SimpleAuthority

(2 posts) (2 voices)

• Started 5 months ago by apollo87
• Latest reply from Srini
• This topic is not resolved

Tags:

No tags yet.

1. 

   apollo87
   Member

   The 'Authentication and Authorization Configuration' page says that the org.apache.cassandra.auth.SimpleAuthenticator and org.apache.cassandra.auth.SimpleAuthorityare not secure. Could someone explain why? Is general design of putting passwords in a file on the conf directory for implementations of the IAuthorization interface to access not secure? What changes would I have to make to them to make it secure?

   Posted 5 months ago #
2. 

   Srini
   Member

   Those are demo's to play around, not recommended for production.

   It is not good to store passwords in a file even if it is encrypted.

   You can go for LDAP level authentications.

   Posted 5 months ago #

RSS feed for this topic