It does, yes. Clients will be required to call the thrift login method with a valid set of credentials before performing any other RPC calls. btw, in versions of C* >= 2.2 the Thrift server is not enabled by default (CASSANDRA-9319).
On Mon, Oct 31, 2016 at 4:50 PM, Li, Guangxing <guangxing...@pearson.com> wrote: > Hi, > > I secured my C* cluster by having "authenticator: > org.apache.cassandra.auth.PasswordAuthenticator" in cassandra.yaml. I > know it secures the CQL native interface running on port 9042 because my > code uses such interface. Does this also secure the Thrift API interface > running on port 9160? I searched around the web for answers but could not > find any. I supposed I can write a sample application using Thrift API > interface to confirm it, but wondering if I can get a quick answer from you > experts. > > Thanks. > > George. >