I can't seem to get cassandra-stress working with authentication. I'm using simple username/password authentication. When I run cassandra-stress, I get auth failures (naturally). Anybody know how to specify username / passwords for stress-tool. I'm trying out apache cassandra 2.1.0-rc4 btw.
I know this is an old one but cassandra-stress got authentication support in 2.1.3 with CASSANDRA-7985.
I turned off authentication (stopped Cassandra, in conf/cassandra.yaml changed authenticator value from PasswordAuthenticator to AllowAllAuthenticator, then started Cassandra), then cassandra-stress tool worked.
Maybe it just doesn't support authentication? That would be a little disappointing (version 2.0.9)
Ben
Related
I want to use Cassandra-stress tool to load test on AWS keyspaces but can't figure out how to use sigv4authprovider. Can someone please help with the steps?
Not sure if it is helping, but you can define a service account with classic authentication (login, password) against keyspaces. This is the best way to test cassandra tools/libs compatibility. SIGV4 would require some extra work with actually overwriting the way said libs/tools create their connection.
We have hosted an elastic search V7.11.2 on our non-cloud ecosystem. We are using presto V0.248 to connect to it.
Our Elastic Search is secured with a basic authentication system (currently is NON-SSL) we are able to connect but due to authentication enabled we are getting 401 HTTP status. As per the documentation we currently don't see any header adding or option to add username or password to presto connector.
Any help or pointer on how to enable the same.
Prestodb doesn't support user/password authentication for Elasticsearch. You may want to look at Trino (a fork of prestodb by its creators and major contributors, formerly known as PrestoSQL), which has had this feature since version 337 (latest version is 354): https://trino.io/docs/current/connector/elasticsearch.html#elasticsearch-auth-user
I've been experimenting with trying to secure a Elasticsearch cluster with basic auth and TLS.
I've successfully been able to do that using Search-Guard. The problem occurs with the Couchbase XDCR to Elasticsearch.
I'm using a plugin called elasticsearch-transport-couchbase which perfectly fine without TLS and Basic Auth enabled on the Elasticsearch cluster. But when enabling that with Search-Guard I am not able to make that work.
As far as I can tell the issue lies with the elasticsearch-transport-couchbase plugin. This has also been discussed previously in some issues on their Github repo.
It is also the only plugin what I can find that can be used for XDCR from Couchbase.
I'm curious about other peoples experience with this. Is there anyone who have been in the same situation as I and been able to setup a XDCR from Couchbase to Elasticsearch with TLS?
Or perhaps there are some other more suitable tools that I can use that I have missed?
The Couchbase transport plugin doesn't support XDCR TLS yet, it's on the roadmap, but isn't going to happen soon. Search-guard adds SSL to the HTTP/REST endpoint in ES, but the plugin opens its own endpoint (on port 9091 by default) which Search-guard doesn't touch. I'll take a look at whether it's possible to extend search-guard to apply to the transport plugin - the main problem is on the Couchbase XDCR side, which doesn't expect SSL on the target endpoint.
Version 4.0 of the Couchbase Elasticsearch connector supports secure connections to Couchbase Server and/or Elasticsearch.
Reference: https://docs.couchbase.com/elasticsearch-connector/4.0/secure-connections.html
A small update. We went around the issue by setting up a stunnel with xinetd. So all communication with ELS have to go through the stunnel where the TLS will terminate.
We blocked access to port 9200, and restricted 9091 to the Couchbase-cluster host and 9300 to the other ELS nodes only.
Seems to work good.
I know about the Cassandra PHP driver being in BETA. But I strongly believe DataStax offers the best solutions as far as PHP drivers go for Cassandra.
What I would love to try is to see if it's possible to get cassandra data into my PHP application using CQLSH and PHP shell commando's. (both Cassandra and PHP script run on the same server. )
Anyone ever tried this?
Would there be a method to get CQLSH return json or a different output instead of columns fit for my console?
Thanks for your insights.
cqlsh is built using the DataStax python driver. That being said, I would not recommend system calls to cqlsh using OS system calls from php. Not only is it impractical from a data format perspective, it is also hacky, I would not expect it to perform well, and it would be adding a lot of complexity and failure scenarios to your application.
For scalability, if you ever need to move your application to a different machine, you would not be able to. These are just a few of the downsides that I can think of from the top of my head.
You are better off using the beta PHP driver from DataStax or waiting for a stable version. RC1 is due to drop soon.
How to make acces to neo4j REST standalone server by LDAP? By default, there is no any security things in neo4j. In my opinion, i should run Apache Http server over neo4j, which use jetty inside. But I also know, that jetty can do LDAP, but it is part of neo4j, so its hard to configure. Wich way should I go?
Right now I think there are two possibilities. The first, as you mention, is to front Neo4j with Apache and let Apache take on the security workload.
The other is much more invasive, and that's to write a filter for JAX-RS (or a servlet filter) and get that registered with Jersey. If you're comfortable with hacking a bit of code, the second gives you a single box solution.