[
https://issues.apache.org/jira/browse/CASSANDRA-10091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15169402#comment-15169402
]
Jan Karlsson edited comment on CASSANDRA-10091 at 3/1/16 2:14 PM:
------------------------------------------------------------------
[~beobal] We need to change the StartupChecks because we are still throwing an
error in [checkJMXPorts|
https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/service/StartupChecks.java#L142]
when we do not set cassandra.jmx.local.port.
We can also use {code}#JVM_OPTS="$JVM_OPTS
-Djava.security.auth.login.config=$CASSANDRA_HOME/conf/cassandra-jaas.config"{code}
instead of requiring the user to add their own path.
Otherwise LGTM.
Dtest can be found [here|https://github.com/ejankan/cassandra-dtest/tree/10091]
This Dtest needs the aforementioned changes to StartupChecks and
$CASSANDRA_HOME to work.
was (Author: jan karlsson):
[~beobal] We need to change the StartupChecks because we are still throwing an
error in [checkJMXPorts|
https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/service/StartupChecks.java#L142]
when we do not set cassandra.jmx.local.port.
Otherwise LGTM.
I am currently writing a Dtest for the authn part of it.
> Align JMX authentication with internal authentication
> -----------------------------------------------------
>
> Key: CASSANDRA-10091
> URL: https://issues.apache.org/jira/browse/CASSANDRA-10091
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Jan Karlsson
> Assignee: Sam Tunnicliffe
> Priority: Minor
> Fix For: 3.x
>
>
> It would be useful to authenticate with JMX through Cassandra's internal
> authentication. This would reduce the overhead of keeping passwords in files
> on the machine and would consolidate passwords to one location. It would also
> allow the possibility to handle JMX permissions in Cassandra.
> It could be done by creating our own JMX server and setting custom classes
> for the authenticator and authorizer. We could then add some parameters where
> the user could specify what authenticator and authorizer to use in case they
> want to make their own.
> This could also be done by creating a premain method which creates a jmx
> server. This would give us the feature without changing the Cassandra code
> itself. However I believe this would be a good feature to have in Cassandra.
> I am currently working on a solution which creates a JMX server and uses a
> custom authenticator and authorizer. It is currently build as a premain,
> however it would be great if we could put this in Cassandra instead.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
