How to pass along username and password to cassandra in python

Question

I'm learning and just setup my cassandra cluster and trying to use python as the client to interact with it. In the yaml, I set the authenticator to be PasswordAuthenticator.

So now I plan to provide my username and password over to the connect function but find no where to put them.

cluster = Cluster(hosts)
session = cluster.connect(keyspace)

Basically, you provide only the host and the keyspace. The documentation kind of suggest a connection with anonymous? http://datastax.github.io/python-driver/getting_started.html#connecting-to-cassandra

If I just use the example, I will get the following error

raise NoHostAvailable("Unable to connect to any servers", errors)
cassandra.cluster.NoHostAvailable: ('Unable to connect to any servers', {'hou722067': AuthenticationFailed('Remote end requires authentication.',)})

Is the authentication information supplied through some config files? It seems like a very basic functionality and I can't imagine it's not covered in the python client driver. I must have miss something.

In short, my question is: How do I login to cassandra using python?

Thanks in advance for any hint possible!

================================================= Got it figured.

I should provide the username and password in the auth_provider field which is a function returning a dictionary containing 'username' and 'password' keys with appropriate string values.

Something like

def getCredential(self, host):
    credential = {'username':'myUser', 'password':'myPassword'}
                    return credential
    
cluster = Cluster(nodes, auth_provider=getCredential)

Answer 1

Following the ops recommendation use:

from cassandra.cluster import Cluster

def getCredential(self):
    return {'username': 'foo', 'password': 'bar'} 

node_ips = ['0.0.0.0', '0.0.0.1']

cluster = Cluster(node_ips, protocol_version=1, auth_provider=getCredential)
session = cluster.connect()

If you're using protocol version 2 then you must authenticate with an AuthProvider object. EX:

from cassandra.auth import PlainTextAuthProvider
from cassandra.cluster import Cluster

ap = PlainTextAuthProvider(username=foo, password=bar)
c = Cluster(protocol_version=2, auth_provider=ap)
s = c.connect()

Can someone can explain best practices using either of these methods to authenticate with a remote cluster?

Answer 2

Here you go.. Below is the code to connect with cassandra from python.

from cassandra.cluster import Cluster
from cassandra.auth import PlainTextAuthProvider
auth_provider = PlainTextAuthProvider(username='username', password='password')
cluster = Cluster(["hostname"],auth_provider = auth_provider)
session = cluster.connect()
session.set_keyspace('keyspace')
cluster.connect()

Answer 3

If you're using protocol version 4 then you must authenticate with an AuthProvider object, defining a previous auth_provider

from cassandra.auth import PlainTextAuthProvider
from cassandra.cqlengine import connection

    auth_provider = PlainTextAuthProvider(username='user_name', password='user_pwd')

    connection.setup(cassandra_host, default_keyspace, retry_connect=True, protocol_version=4, auth_provider=auth_provider)

Answer 4

Now you can do the following:

from cassandra.cluster import Cluster
from cassandra.auth import PlainTextAuthProvider

auth_provider = PlainTextAuthProvider(
        username='cassandra', password='cassandra')
cluster = Cluster(['non-local-address'], port=9042, auth_provider = auth_provider)

session = cluster.connect('yourkeyspace')
session.execute('USE yourkeyspace')
session.execute("SELECT * FROM yourkeyspace.yourtable").one()

Answer 5

Surprisingly enough, no one suggested at least something safer than hard-coding authentication credentials. Considering you use git or any other VCS, this way of initialization may lead to a pretty significant security problems. I would recommend to store your username, password, IPs, ports and other private information in some configuration file, which isn't stored in VCS so if someone accesses the code, the data will still be safe.

config.yaml:

cassandra:
    username: username
    password: password
    hosts: [10.42.42.42, 10.10.42.42]

code.py:

import yaml
import cassandra.cluster
import cassandra.auth

from cassandra.policies import DCAwareRoundRobinPolicy


class Cassandra:
    def __init__(self, config):
        config = config['cassandra']
        auth_provider = cassandra.auth.PlainTextAuthProvider(
            username=config['username'],
            password=config['password'])

        self.__cluster = cassandra.cluster.Cluster(
            contact_points=config['hosts'],
            load_balancing_policy=DCAwareRoundRobinPolicy(),
            auth_provider=auth_provider)

        self.__session = self.__cluster.connect()

def query():
    result = self.__session.execute("SELECT * FROM table")
    return result._current_rows

with open('config.yaml', 'r') as f:
    config = yaml.load(f)

cassandra = Cassandra(config)
data = cassandra.query()