You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@cassandra.apache.org by rock zhang <ro...@alohar.com> on 2015/08/04 04:12:04 UTC
only grant select , but still can modify data
Hi All,
I want to create a readonly account, so i run the following command following: http://docs.datastax.com/en/cassandra/1.2/cassandra/security/security_config_native_authenticate_t.html
CREATE USER readonly WITH PASSWORD 'xxxx' ;
GRANT SELECT ON ALL KEYSPACES TO readonly;
Then I login DevCenter with readonly account , i still can modify the data, anyone knows why ? Many thanks.
I set keyspace system_auth replica as 6 since i have 6 nodes.
Thanks
Rock
Re: only grant select , but still can modify data
Posted by Russell Bradberry <rb...@gmail.com>.
Did you set your authorizer correctly?
http://docs.datastax.com/en/cassandra/1.2/cassandra/security/secure_config_native_authorize_t.html
-Russ
From: Dan Jatnieks
Reply-To: <us...@cassandra.apache.org>
Date: Wednesday, August 5, 2015 at 5:03 PM
To: <us...@cassandra.apache.org>
Subject: Re: only grant select , but still can modify data
Hi Rock,
I was not able to reproduce this problem using C* 2.2 and DevCenter 1.4. What versions are you using? Did you check that the DevCenter connection properties are using the "readonly" account and that any existing connection was closed and re-opened? Did you get the expected result with cqlsh?
dan
On Mon, Aug 3, 2015 at 7:12 PM, rock zhang <ro...@alohar.com> wrote:
Hi All,
I want to create a readonly account, so i run the following command following: http://docs.datastax.com/en/cassandra/1.2/cassandra/security/security_config_native_authenticate_t.html
CREATE USER readonly WITH PASSWORD 'xxxx' ;
GRANT SELECT ON ALL KEYSPACES TO readonly;
Then I login DevCenter with readonly account , i still can modify the data, anyone knows why ? Many thanks.
I set keyspace system_auth replica as 6 since i have 6 nodes.
Thanks
Rock
--
Dan Jatnieks
Software Engineer | danj@datastax.com
Re: only grant select , but still can modify data
Posted by Rock Zhang <ro...@alohar.com>.
I am using C*2.1 and DevCenter 1.3.1, it is not easy to upgrade C*2.1 to
C*2.2 since it running in production, but I will upgrade the DevCenter.
Thanks
Rock
On Aug 5, 2015, at 2:03 PM, Dan Jatnieks <da...@datastax.com> wrote:
Hi Rock,
I was not able to reproduce this problem using C* 2.2 and DevCenter 1.4.
What versions are you using? Did you check that the DevCenter connection
properties are using the "readonly" account and that any existing
connection was closed and re-opened? Did you get the expected result with
cqlsh?
dan
On Mon, Aug 3, 2015 at 7:12 PM, rock zhang <ro...@alohar.com> wrote:
> Hi All,
>
> I want to create a readonly account, so i run the following command
> following:
> http://docs.datastax.com/en/cassandra/1.2/cassandra/security/security_config_native_authenticate_t.html
>
> CREATE USER readonly WITH PASSWORD 'xxxx' ;
>
> GRANT SELECT ON ALL KEYSPACES TO readonly;
>
> Then I login DevCenter with readonly account , i still can modify the
> data, anyone knows why ? Many thanks.
>
> I set keyspace system_auth replica as 6 since i have 6 nodes.
>
>
> Thanks
> Rock
>
--
<http://www.datastax.com/>
Dan Jatnieks
Software Engineer | danj@datastax.com
<https://www.linkedin.com/in/danjatnieks>
<https://www.facebook.com/datastax> <https://twitter.com/datastax>
<https://plus.google.com/+Datastax/about>
<http://feeds.feedburner.com/datastax> <https://github.com/datastax/>
<http://cassandrasummit-datastax.com/?utm_campaign=summit15&utm_medium=summiticon&utm_source=emailsignature>
Re: only grant select , but still can modify data
Posted by Dan Jatnieks <da...@datastax.com>.
Hi Rock,
I was not able to reproduce this problem using C* 2.2 and DevCenter 1.4.
What versions are you using? Did you check that the DevCenter connection
properties are using the "readonly" account and that any existing
connection was closed and re-opened? Did you get the expected result with
cqlsh?
dan
On Mon, Aug 3, 2015 at 7:12 PM, rock zhang <ro...@alohar.com> wrote:
> Hi All,
>
> I want to create a readonly account, so i run the following command
> following:
> http://docs.datastax.com/en/cassandra/1.2/cassandra/security/security_config_native_authenticate_t.html
>
> CREATE USER readonly WITH PASSWORD 'xxxx' ;
>
> GRANT SELECT ON ALL KEYSPACES TO readonly;
>
> Then I login DevCenter with readonly account , i still can modify the
> data, anyone knows why ? Many thanks.
>
> I set keyspace system_auth replica as 6 since i have 6 nodes.
>
>
> Thanks
> Rock
>
--
<http://www.datastax.com/>
Dan Jatnieks
Software Engineer | danj@datastax.com
<https://www.linkedin.com/in/danjatnieks>
<https://www.facebook.com/datastax> <https://twitter.com/datastax>
<https://plus.google.com/+Datastax/about>
<http://feeds.feedburner.com/datastax> <https://github.com/datastax/>
<http://cassandrasummit-datastax.com/?utm_campaign=summit15&utm_medium=summiticon&utm_source=emailsignature>