Interface IInternodeAuthenticator

    • Method Detail

      • authenticate

        @Deprecated(since="5.0")
        default boolean authenticate​(java.net.InetAddress remoteAddress,
                                     int remotePort)
        Deprecated.
        See CASSANDRA-17661
        Decides whether or not a peer is allowed to connect to this node. If this method returns false, the socket will be immediately closed.
        Parameters:
        remoteAddress - ip address of the connecting node.
        remotePort - port of the connecting node.
        Returns:
        true if the connection should be accepted, false otherwise.
      • authenticate

        default boolean authenticate​(java.net.InetAddress remoteAddress,
                                     int remotePort,
                                     java.security.cert.Certificate[] certificates,
                                     IInternodeAuthenticator.InternodeConnectionDirection connectionType)
        Decides whether a peer is allowed to connect to this node. If this method returns false, the socket will be immediately closed.

        Default implementation calls authenticate method by IP and port method

        1. If it is IP based authentication ignore the certificates & connectionType parameters in the implementation of this method. 2. For certificate based authentication like mTLS, server's identity for outbound connections is verified by the trusted root certificates in the outbound_keystore. In such cases this method may be overridden to return true when certificateType is OUTBOUND, as the authentication of the server happens during SSL Handshake.

        Parameters:
        remoteAddress - ip address of the connecting node.
        remotePort - port of the connecting node.
        certificates - peer certificates
        connectionType - If the connection is inbound/outbound connection.
        Returns:
        true if the connection should be accepted, false otherwise.
      • validateConfiguration

        void validateConfiguration()
                            throws ConfigurationException
        Validates configuration of IInternodeAuthenticator implementation (if configurable).
        Throws:
        ConfigurationException - when there is a configuration error.
      • setupInternode

        default void setupInternode()
        Setup is called once upon system startup to initialize the IAuthenticator. For example, use this method to do any required initialization of the class.