It seems that cassandra-cli doesn't support JMX user authentication.
Specifically I went about securing our Cassandra cluster slightly – I've added cassandra-level authentication (which cassandra-cli does support), but then I discovered that nodetool is still completely unprotected. So I went ahead and secured JMX (via -Dcom.sun.management.jmxremote.password.file and -Dcom.sun.management.jmxremote.access.file). Nodetool supports JMX authentication via -u and -pw options.
However it seems that cassandra-cli doesn't support JMX authentication, e.g.:
apache-cassandra-1.1.6\bin>cassandra-cli -h hostname -u experiment -pw password
Starting Cassandra Client
Connected to: "db" on hostname/9160
Welcome to Cassandra CLI version 1.1.6
[experiment@unknown] show keyspaces;
WARNING: Could not connect to the JMX on hostname:7199, information won't be shown.
Replication Strategy: org.apache.cassandra.locator.LocalStrategy
Durable Writes: true
... (rest of keyspace output snipped)
help connect; and cassandra-cli --help do not seem to indicate that there's any way to specify JMX login information.
|Status||Patch Available [ 10002 ]||Resolved [ 5 ]|
|Fix Version/s||1.1.11 [ 12324040 ]|
|Fix Version/s||1.2.2 [ 12323924 ]|
|Resolution||Fixed [ 1 ]|
|Status||Open [ 1 ]||Patch Available [ 10002 ]|
|Assignee||Michał Michalski [ michalm ]|
|Workflow||patch-available, re-open possible [ 12753252 ]||reopen-resolved, no closed status, patch-avail, testing [ 12755964 ]|
|Field||Original Value||New Value|
|Workflow||no-reopen-closed, patch-avail [ 12743219 ]||patch-available, re-open possible [ 12753252 ]|