You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ignite.apache.org by ApacheUser <bh...@gmail.com> on 2018/08/16 18:57:12 UTC

Apache Ignite SQL- read Only User Creation

Hello Ignite team,

We are using  Apache Ignite are SQL reporting cluster . Ignite Persistence
and authenticationEnabled . We need a read only user role apart from ignite
user, is there any role or a way to create user with read only previllages?

Thanks




--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/

Re: Apache Ignite SQL- read Only User Creation

Posted by aealexsandrov <ae...@gmail.com>.

Hi,

Yes, when you are using ignite advance security (not GridSecurityProcessor
interface) then you are able only to manage the password.
https://apacheignite.readme.io/docs/advanced-security provides the simple
password authentification security.

You can only:

1)Create the user - https://apacheignite-sql.readme.io/docs/create-user
2)Change the user password -
https://apacheignite-sql.readme.io/docs/alter-user
3)Delete the user - https://apacheignite-sql.readme.io/docs/alter-user

In case if you are required additional functionality then try to implement
GridSecurityProcessor.

BR,
Andrei



--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/

Re: Apache Ignite SQL- read Only User Creation

Posted by ApacheUser <bh...@gmail.com>.

Thanks Andrei,

I ceated user but can't alter user except for changing password, The user is
able to delete rows or truncate tables which I dont want except ignite user.

Thanks




--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/

Re: Apache Ignite SQL- read Only User Creation

Posted by aealexsandrov <ae...@gmail.com>.

Hi,

I believe that you said about
https://apacheignite.readme.io/docs/advanced-security

It will provide the possibility to create/drop/alter the users. Also, it
provides the only simple authentification with the password. You can't set
the rules like read-only using it.

Also, you can try to implement the GridSecurityProcessor interface and
integrate this logic there or use some third-party plugin for Ignite that
already contains the security functionality. For example  this one
<https://www.gridgain.com/>  .

Some information about how it could be done you can see here:

http://apache-ignite-users.70518.x6.nabble.com/Authentication-for-Apache-Ignite-2-5-td22565.html

BR,
Andrei



--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/