[
https://issues.apache.org/jira/browse/CASSANDRA-16456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17515912#comment-17515912
]
Stefan Miklosovic commented on CASSANDRA-16456:
-----------------------------------------------
hi [~bhouser] thanks for progressing this!
I am trying to authenticate with kerberos plugin, I am not successful yet, but
what I am getting is this:
{code}
[root@node1 ~]# cqlsh node1.example.com --ssl
Traceback (most recent call last):
File "/opt/cassandra/latest/bin/cqlsh.py", line 2469, in <module>
main(*read_options(sys.argv[1:], os.environ))
File "/opt/cassandra/latest/bin/cqlsh.py", line 2438, in main
auth_provider=load_auth_provider(options))
File "/opt/cassandra/latest/bin/cqlsh.py", line 2167, in load_auth_provider
return auth_provider_klass(**optvalues.auth_provider_extended)
File
"/opt/cassandra/latest/bin/../lib/cassandra-driver-internal-only-3.25.0.zip/cassandra-driver-3.25.0/cassandra/auth.py",
line 190, in __init__
ImportError: The puresasl library has not been installed
{code}
my cqlshrc
{code}
[root@node1 ~]# cat ~/.cassandra/cqlshrc
[AuthProvider]
classname=SaslAuthProvider
module=cassandra.auth
[AuthProviderExtendedProperties]
service = cassandra/[email protected]
keytab=/etc/cassandra/cassandra.keytab
mechanism = GSSAPI
qops = auth
[connection]
hostname = node1.example.com
port = 9042
factory = cqlshlib.ssl.ssl_transport_factory
[ssl]
certfile = /root/.cassandra/ca-cert
validate = true
usercert = /root/.cassandra/client.cer.pem
userkey = /root/.cassandra/client.key.pem
version = TLSv1_2
{code}
My question is, should not we somehow import puresasl too? How to resolve this?
> Add Plugin Support for CQLSH
> ----------------------------
>
> Key: CASSANDRA-16456
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16456
> Project: Cassandra
> Issue Type: New Feature
> Components: Tool/cqlsh
> Reporter: Brian Houser
> Assignee: Brian Houser
> Priority: Normal
> Labels: gsoc2021, mentor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently the Cassandra drivers offer a plugin authenticator architecture for
> the support of different authentication methods. This has been leveraged to
> provide support for LDAP, Kerberos, and Sigv4 authentication. Unfortunately,
> cqlsh, the included CLI tool, does not offer such support. Switching to a new
> enhanced authentication scheme thus means being cut off from using cqlsh in
> normal operation.
> We should have a means of using the same plugins and authentication providers
> as the Python Cassandra driver.
> Here's a link to an initial draft of
> [CEP|https://docs.google.com/document/d/1_G-OZCAEmDyuQuAN2wQUYUtZBEJpMkHWnkYELLhqvKc/edit?usp=sharing].
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
