You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Jackson Chung (Updated) (JIRA)" <ji...@apache.org> on 2011/10/21 01:00:12 UTC

[jira] [Updated] (CASSANDRA-3392) SimpleAuthority does not respect access.properties seeting that do not have CF

     [ https://issues.apache.org/jira/browse/CASSANDRA-3392?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jackson Chung updated CASSANDRA-3392:
-------------------------------------

    Attachment: 3392.patch

3392.patch based on trunk. though it is fair to say its not a pretty patch.
                
> SimpleAuthority does not respect access.properties seeting that do not have CF
> ------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-3392
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-3392
>             Project: Cassandra
>          Issue Type: Bug
>            Reporter: Jackson Chung
>            Priority: Minor
>         Attachments: 3392.patch
>
>
> when using SimpleAuthenticator in the example, if I am not mistaken, user is allowed to config :
> {noformat}
> testks.<ro>=jackson
> testks.<rw>=action
> <modify-keyspaces>=somebody
> {noformat}
> by that, the desire effect should be user "jackson" can perform read access for everything in testks keyspace, that should implies any column family in it.
> likewise user "action" can perform any write access for everything in the testks keyspace, that should implies any column family in it.
> If the above is not true, then please mark this invalid, otherwise it currently does not do the above. When I have the above setting, my get/read from that keyspace was resulting in InvalidRequestException:
> [default@testks] get testcf[utf8('j')];
> null
> InvalidRequestException(why:#<User jackson groups=[]> does not have permission READ for /cassandra/keyspaces/testks/testcf)
> [default@testks] list testcf;
> Using default limit of 100
> null
> InvalidRequestException(why:#<User jackson groups=[]> does not have permission READ for /cassandra/keyspaces/testks/testcf)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira