Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-14992

Authenticating Jolokia using Cassandra

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Normal
    • Resolution: Unresolved
    • None
    • Legacy/Core
    • None

    • Cassandra 3.11.3

      Ubuntu Xenial

      Jolokia 1.3.7

    • Normal

    Description

      Following guide (AUTHENTICATION AND AUTHORIZATION WITH CASSANDRA INTERNALS - CASSANDRA 3.6 AND LATER) does not work. I also don't understand  why the guide  says to comment out lines having `/etc/cassandra/jmxremote` in it. It should not need them. I expect jaas to take credentials passed in the http connection and use them to authenticate  against Cassandra. 

      I have the following set of options :

      -javaagent:/usr/local/share/jolokia-agent.jar=host=0.0.0.0,executor=fixed,authMode=jaas -Dcom.sun.management.jmxremote.authenticate=true, -Dcassandra.jmx.remote.login.config=CassandraLogin, -Djava.security.auth.login.config=/etc/cassandra/cassandra-jaas.config, -Dcassandra.jmx.authorizer=org.apache.cassandra.auth.jmx.AuthorizationProxy, -Dcom.sun.management.jmxremote, -Dcom.sun.management.jmxremote.ssl=false, -Dcom.sun.management.jmxremote.local.only=false, -Dcassandra.jmx.remote.port=7199, -Dcom.sun.management.jmxremote.rmi.port=7199, -Djava.rmi.server.hostname= 2a1d064ce844

      And I get an HTTP error 401 when I try to query Jolokia with no credentials and an empty response otherwise :

      $ echo '{"mbean": "org.apache.cassandra.db:type=StorageService", "attribute": "OperationMode", "type": "read"}' | http POST http://localhost:8778/jolokia/
HTTP/1.1 401 Unauthorized
Content-length: 0
Date: Mon, 21 Jan 2019 18:31:35 GMT
Www-authenticate: Basic realm="jolokia"

      If I then create jmxremote files on disk, I only get empty  responses :

      $ curl -v -u monitorRoleUser:cassie http://localhost:8778/jolokia/list/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8778 (#0)
* Server auth using Basic with user 'monitorRoleUser'
> GET /jolokia/list/ HTTP/1.1
> Host: localhost:8778
> Authorization: Basic bW9uaXRvclJvbGVVc2VyOmNhc3NpZQ==
> User-Agent: curl/7.63.0-88
> Accept: */*
>
* Empty reply from server
* Connection #0 to host localhost left intact
curl: (52) Empty reply from server

       

      What is missing ? Is it really functional ?

       

      I tried to ping the author of the Jolokia project but did not get any response neither on the GitHub project nor on the support forum ...

       

      Attachments

        Issue Links

          is a clone of

          Bug - A problem which impairs or prevents the functions of the product. CASSANDRA-14686 Jolokia agent not accepting requests during an operation

          • Normal -
          • Resolved

          Activity

            People

              cscetbon Cyril Scetbon
              cscetbon Cyril Scetbon
              Cyril Scetbon
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: