incubator-accumulo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Billie J Rinaldi <billie.j.rina...@ugov.gov>
Subject Re: Passing scan authorizations that exceed the Accumulo user's authorizations
Date Fri, 16 Dec 2011 14:18:52 GMT
On Thursday, December 15, 2011 1:50:49 PM, "John Stoneham" <lyric@lyrically.net> wrote:
> As an Accumulo user I'd prefer the behavior documented in
> getBatchScanner (that is, intersect on the server side the Accumulo
> user's authorizations with the authorizations passed). In that
> situation, I can safely pass all the authorizations my end-user might
> have, including any unexpected new (or dynamic) ones that weren't
> known when I started the application. Updating the Accumulo user's
> authorizations (addition or removal) would not require an application
> restart.

It sounds like you always want to scan with all the authorizations your user has.  In that
case, you don't need a list of all possible authorizations to pass in -- just pass in the
user's actual authorizations, which can be retrieved with
connector.securityOperations().getUserAuthorizations(user).

Billie

Mime
View raw message