cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michal Michalski <mich...@opera.com>
Subject User authorized for <modify-keyspace> cannot create CFs
Date Tue, 17 Apr 2012 12:23:11 GMT
Hi,

I'm suffering a problem, which maybe is a feature ( ;) ), but for me 
it's rather an annoying problem. I use SimpleAuthenticator and I have 
user who should be a kind of Cassandra's keyspace "root" - he should be 
allowed to do everything. So I set:

<modify-keyspaces>=master

Unluckily, when I try to create CFs (with a script) I get:

pycassa.cassandra.c10.ttypes.InvalidRequestException: 
InvalidRequestException(why='#<User master groups=[]> does not have 
permission WRITE for /cassandra/keyspaces/test')

It's not a problem of logging in, because if I provide wrong password I 
get different error:

pycassa.cassandra.c10.ttypes.AuthenticationException: 
AuthenticationException(why='Given password in password mode MD5 could 
not be validated for user master')

When I go back to AllowAllAuthority for a while, create CFs and then 
move back to SimpleAuthority (user has <rw> on all CFs) it's working 
perfectly to manipulate the data in CFs in this keyspace. But altering 
CFs settings still fails.

So, the question is - is it intended to work this way, that user with 
"modify-keyspace" permission cannot - sic! - modify the keyspace in 
terms of creating/altering CF? Is it a bug, or a feature? If feature - 
why? :)

Or maybe this setting is for other purposes and I just don't understand 
the idea? ;)

Kind regards,
MichaƂ M.

Mime
View raw message