accumulo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Edmon Begoli <ebeg...@gmail.com>
Subject Re: Setting appropriate user authorizations - how and what are the best practices
Date Mon, 06 Aug 2012 15:27:02 GMT
Just for the archiving purposes (and maybe we should add something
like this to the manual):

I was successful at running a scan by adding authorizations to my user
from the accumulo shell (execute $ $ACCUMULO_HOME/bin/accumulo/shell
-u myroot ):

>myroot@myinstance setauths -u myuser -s LEVEL1,GROUP1

Regards,
Edmon

On Mon, Aug 6, 2012 at 11:07 AM, Keith Turner <keith@deenlo.com> wrote:
> On Mon, Aug 6, 2012 at 10:49 AM, John Armstrong <jrja@ccri.com> wrote:
>> On 08/06/2012 10:45 AM, John Vines wrote:
>>>
>>> That error occurs when a user tried to do a scan with an authorization
>>> they do not have granted to them. Make sure that the user has the
>>> authorizations they are trying to scan with (if this is an unintended
>>> error). Otherwise, it's working as intended.
>>
>>
>> I ran into that myself, and it's easy enough (for me) to make sure users
>> only ever request authorizations they've been granted, but it did make me
>> wonder why throw an exception there?  Why not only apply the intersection of
>> granted+requested authorizations and log a warning to note that an ungranted
>> authorization was requested and ignored?
>
> I will work on ACCUMULO-246 for 1.5.0 so that you can have the
> behavior you want.

Mime
View raw message