[ https://issues.apache.org/jira/browse/CASSANDRA-18420?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yakir Gibraltar updated CASSANDRA-18420: ---------------------------------------- Description: Hi, If making connection *without username* to cassandra cluster with PasswordAuthenticator enabled, Connection will fail but not logged on auditlog. How to reproduce: # Enable "authenticator: PasswordAuthenticator" on cluster # Enable audit : "nodetool enableauditlog" # Open a new screen and run "auditlogviewer -f <log_location>/audit/" # Try to connect, and connection will fail: {code:java} [root@c1 ~]# cqlsh Connection error: ('Unable to connect to any servers', {'127.0.0.1:9042': AuthenticationFailed('Remote end requires authentication',)}){code} # *But nothing in auditlogviewer*. Connection with incorrect usernames or password logged correct on auditlog , the problem only on connection without username. How it's affecting: # Security reason, hard to find unauthorized connections attempt . # When migrating cluster into PasswordAuthenticator, hard to find applications that didn't add username/password. Thank you. was: Hi, If making connection *without username* to cassandra cluster with PasswordAuthenticator enabled, Connection will fail but not logged on auditlog. How to reproduce: # Enable "authenticator: PasswordAuthenticator" on cluster # Enable audit : "nodetool enableauditlog" # Open a new screen and run "auditlogviewer -f <log_location>/audit/" # Try to connect, and connection will fail: {code:java} [root@c1 ~]# cqlsh Connection error: ('Unable to connect to any servers', {'127.0.0.1:9042': AuthenticationFailed('Remote end requires authentication',)}){code} # *But nothing in auditlogviewer*. Connection with incorrect usernames or password logged correct on auditlog , the problem only on connection without username. How it's affecting: # Security reason, hard to find unauthorized connection . # When migrating cluster into PasswordAuthenticator, hard to find applications that didn't add username/password. Thank you. > Connection without username not logged in auditlog > --------------------------------------------------- > > Key: CASSANDRA-18420 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18420 > Project: Cassandra > Issue Type: Bug > Components: Tool/auditlogging > Reporter: Yakir Gibraltar > Priority: Normal > > Hi, > If making connection *without username* to cassandra cluster with > PasswordAuthenticator enabled, > Connection will fail but not logged on auditlog. > How to reproduce: > # Enable "authenticator: PasswordAuthenticator" on cluster > # Enable audit : "nodetool enableauditlog" > # Open a new screen and run "auditlogviewer -f <log_location>/audit/" > # Try to connect, and connection will fail: > {code:java} > [root@c1 ~]# cqlsh > Connection error: ('Unable to connect to any servers', {'127.0.0.1:9042': > AuthenticationFailed('Remote end requires authentication',)}){code} > # *But nothing in auditlogviewer*. > Connection with incorrect usernames or password logged correct on auditlog , > the problem only on connection without username. > How it's affecting: > # Security reason, hard to find unauthorized connections attempt . > # When migrating cluster into PasswordAuthenticator, hard to find > applications that didn't add username/password. > Thank you. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org