Thank you Jeff & Harika. Yes, I am aware of that mechanism. What we need to do is to add some extra validations on the certificate used for securing the connection.
So, in order to do this in our Authenticator, we need a way to grab the sslHandler which can be obtained from the ServerConnection. The certificates can be obtained then from the sslHandler. My question was if there was any other way to grab the ServerConnection in an Authenticator besides passing it as a parameter when building the negotiator, thus changing IAuthenticator and ServerConnection. Thank you again, Horia On ons, 2017-10-25 at 17:13 +0000, Harika Vangapelli -T (hvangape - AKRAYA INC at Cisco) wrote: > Horia, > > By just changing Authenticator and Authorizer in cassandra.yaml and > adding custom libraries in /usr/share/cassandra/ you can plugin to > custom authentication > > sed -ri \ > -e 's/^(authenticator:).*/\1 > 'com.cassandra.LdapCassandraAuthenticator'/' \ > -e 's/^(authorizer:).*/\1 > 'com.cassandra.LdapCassandraAuthorizer'/' \ > "cassandra.yaml" > > Copy custom jars ----> /usr/share/cassandra/ > > > > Harika Vangapelli > Engineer - IT > hvang...@cisco.com > Tel: > Cisco Systems, Inc. > > > > United States > cisco.com > > > Think before you print. > This email may contain confidential and privileged material for the > sole use of the intended recipient. Any review, use, distribution or > disclosure by others is strictly prohibited. If you are not the > intended recipient (or authorized to receive for the recipient), > please contact the sender by reply email and delete all copies of > this message. > Please click here for Company Registration Information. > > > -----Original Message----- > From: Horia Mocioi [mailto:horia.moc...@ericsson.com] > Sent: Wednesday, October 25, 2017 3:38 AM > To: user@cassandra.apache.org > Subject: server connection in authenticator > > Hello guys, > > We are building up an authenticator using certificates. So far we > came up with a solution, but implies changing some files in Cassandra > code base in order to have the connection in the new Authenticator. > > So, here are my questions: > * how are you guys doing this? > * is it possible to obtain the connection on the Authenticator > without changing other files in the Cassandra code base, in that > sense just creating a new Authenticator and set it up in > cassandra.yaml? > > Regards, > Horia
