Contents
Cassandra authentication
Web Services supports Cassandra authentication. Authentication validates incoming user connections to the Cassandra database. Implementing Cassandra authentication requires you to do some configuration in Cassandra and in Web Services.
Configure Cassandra authentication
The user login accounts and their passwords required for authentication are managed inside the cassandra.yaml file. Configure Cassandra authentication according to Datastax documentation.
Web Services configuration
To support Cassandra authentication, open the application.yaml file and provide the appropriate credentials. For example:
cassandraCluster:
thrift_port: 9160
jmx_port: 7199
keyspace: sipfs
...
userName: <super user name>
password: <super user password>
...Password encryption
You can encrypt certain fields in the application.yaml file. To encrypt a field, prefix the value with '"CRYPT:"', for example:
...
opsUserName: ops
opsUserPassword: CRYPT:an03xPrxLAu9p==
...In the serverSettings section of the application.yaml file, the following settings can be encrypted:
- opsUserPassword
- cmePassword
- jksPassword
- webDAVPassword
In the cassandraCluster section of the application.yaml file, the following settings can be encrypted:
- password
In order to encrypt a password, you will need to run GWS application with an '"--encrypt"' parameter followed by a password you need to encrypt. The server won't actually start, the application will only encrypt the supplied password and then quit. This feature is only supported for JAR (Spring Boot) distributable. For example:
$java -jar gws.jar --encrypt ops
CRYPT:an03xPrxLAu9p==
$ _