Details
-
Bug
-
Status: Open
-
Normal
-
Resolution: Unresolved
-
None
-
None
-
Cassandra 3.11.3
Ubuntu Xenial
Jolokia 1.3.7
-
Normal
Description
Following guide (AUTHENTICATION AND AUTHORIZATION WITH CASSANDRA INTERNALS - CASSANDRA 3.6 AND LATER) does not work. I also don't understand why the guide says to comment out lines having `/etc/cassandra/jmxremote` in it. It should not need them. I expect jaas to take credentials passed in the http connection and use them to authenticate against Cassandra.
I have the following set of options :
-javaagent:/usr/local/share/jolokia-agent.jar=host=0.0.0.0,executor=fixed,authMode=jaas -Dcom.sun.management.jmxremote.authenticate=true, -Dcassandra.jmx.remote.login.config=CassandraLogin, -Djava.security.auth.login.config=/etc/cassandra/cassandra-jaas.config, -Dcassandra.jmx.authorizer=org.apache.cassandra.auth.jmx.AuthorizationProxy, -Dcom.sun.management.jmxremote, -Dcom.sun.management.jmxremote.ssl=false, -Dcom.sun.management.jmxremote.local.only=false, -Dcassandra.jmx.remote.port=7199, -Dcom.sun.management.jmxremote.rmi.port=7199, -Djava.rmi.server.hostname= 2a1d064ce844
And I get an HTTP error 401 when I try to query Jolokia with no credentials and an empty response otherwise :
$ echo '{"mbean": "org.apache.cassandra.db:type=StorageService", "attribute": "OperationMode", "type": "read"}' | http POST http://localhost:8778/jolokia/ HTTP/1.1 401 Unauthorized Content-length: 0 Date: Mon, 21 Jan 2019 18:31:35 GMT Www-authenticate: Basic realm="jolokia"
If I then create jmxremote files on disk, I only get empty responses :
$ curl -v -u monitorRoleUser:cassie http://localhost:8778/jolokia/list/ * Trying 127.0.0.1... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 8778 (#0) * Server auth using Basic with user 'monitorRoleUser' > GET /jolokia/list/ HTTP/1.1 > Host: localhost:8778 > Authorization: Basic bW9uaXRvclJvbGVVc2VyOmNhc3NpZQ== > User-Agent: curl/7.63.0-88 > Accept: */* > * Empty reply from server * Connection #0 to host localhost left intact curl: (52) Empty reply from server
What is missing ? Is it really functional ?
I tried to ping the author of the Jolokia project but did not get any response neither on the GitHub project nor on the support forum ...
Attachments
Issue Links
- is a clone of
-
CASSANDRA-14686 Jolokia agent not accepting requests during an operation
- Resolved