Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Currently, James relies on a superuser account to connect to Cassandra.
This is not adapted for production setups. Eventually, we may have a Cassandra cluster being used by several James instances, all focused on different clients (i.e. these James instances do not belong to the same James "cluster").
It would be better to have a restricted account to Cassandra.
In particular, James should not be able to delete or create a keyspace. In fact, it should only have permissions on its own keyspace. What would be the minimal but sufficient permissions for James to work with such an account? And what would be the command to type in to create such an account from an administrator's point of view?
DOD: apache website documentation for that