Cassandra connector

The Cassandra connector fully supports all modern versions of Cassandra, specifically all versions using the Cassandra protocol versions 3, 4 and 5.

This includes Cassandra 3.x and 4.x, and compatible databases such as Amazon Keyspaces, Azure Cosmos DB, and ScyllaDB.

SSL/TLS connections are fully supported, both to the server(s) and to the clients.

Related pages

Cassandra packets: describes all the packet types used by Cassandra

Cassandra filters: shows all the filter types for Cassandra

Contexts: lists the JavaScript contexts available in filters

Data types: how Cassandra data types are mapped to JavaScript

CQL parsing service: analyzes CQL to describe what it does

Hiding data in Cassandra: an article on data masking


The Cassandra connector takes the following parameters:

Connection name

Can be any name you want.


If checked, then this connection will be active any time Gallium Data is running, meaning that the local port will be open and listening for requests. If you uncheck this (and then click Publish), then the connection is "commented out" -- it's as if it didn't exist, but you can still keep it around and re-activate it later.


The type of database for this connection. This is set when you create the connection and cannot be changed afterwards.

Server host

The name or address of the Cassandra contact point. This can be a partial name (like dbserver), a fully qualified name (like, an IP4 address (like or an IP6 address if your network supports IP6 (e.g. 266a:1790:2920:69e0:35c:d8ac:da8e:15e0). 

If you are running Gallium Data as a Docker container, and the database is on the host machine, you can use host.docker.internal to connect to the host machine (on Windows or Mac, but see here for Linux).

Local address

The address on which to listen for requests. This is typically only relevant if your server has more than one address. By default, Gallium Data will listen on all addresses (which is equivalent to

Server port

The port on the database server. For Cassandra, it's usually 9042 but it can also be something else. 

Local port

The port number in the Docker container on which Gallium Data will be listening to requests from database clients. 

Remember that this is the port in the Docker container -- if you map it to your host machine, you can map it to any other port number.

If you map it to  a port other than 9042, your Cassandra clients will need to specify that port.

Use SSL to server

Whether to use SSL/TLS when connecting to the Cassandra server. There are three options:

Note that, if you want to use SSL/TLS (i.e. either always or on request), the database server's certificate must be trusted by Gallium Data, meaning that either the database server uses a certificate that is signed by a well-known certificate authority, or the certificate (or its signer's certificate) is installed in the Gallium Data project's trust (under Project > Properties). You can also use the Trust server certificate option (see below).

SSL authentication with server

Whether Gallium Data should present a certificate to the Cassandra server when establishing an SSL connection.

This option is needed if the Cassandra server is set up to require SSL authentication.

If this option is selected, you must install a private key trusted by the Cassandra server, as well as any certificates going with it, in the project's key area (under Project > Properties).

Use SSL to client

Much like the previous parameter, three values are possible:

If you use always or on request, you must install a private key, as well as any certificates going with it, in the project's key area (under Project > Properties).

Require SSL authentication from clients

If this option is selected, and SSL is active for clients, then any clients connecting to Gallium Data over SSL will be required to present SSL credentials. The certificate(s) for such credentials must be installed in the Gallium Data project's trust (under Project > Properties).

Trust server certificate

Whether to accept Cassandra's SSL certificate at face value, or not. 

If this is false, and SSL is required, then Cassandra's SSL certificate will be verified, either by being signed by a well-known certificate authority, or by verifying it with the chain of certificates provided in the project's Trust entry.  If the verification fails, the connection will fail.

If this is true, then the Cassandra SSL certificate will be accepted without verification.

Timeout to server

This specifies the number of milliseconds to wait when establishing a connection to the Cassandra server. The default value (15 seconds) is usually adequate for most cases.