Subscribe to Posts by Email

Subscriber Count

    701

Disclaimer

All information is offered in good faith and in the hope that it may be of use for educational purpose and for Database community purpose, but is not guaranteed to be correct, up to date or suitable for any particular purpose. db.geeksinsight.com accepts no liability in respect of this information or its use. This site is independent of and does not represent Oracle Corporation in any way. Oracle does not officially sponsor, approve, or endorse this site or its content and if notify any such I am happy to remove. Product and company names mentioned in this website may be the trademarks of their respective owners and published here for informational purpose only. This is my personal blog. The views expressed on these pages are mine and learnt from other blogs and bloggers and to enhance and support the DBA community and this web blog does not represent the thoughts, intentions, plans or strategies of my current employer nor the Oracle and its affiliates or any other companies. And this website does not offer or take profit for providing these content and this is purely non-profit and for educational purpose only. If you see any issues with Content and copy write issues, I am happy to remove if you notify me. Contact Geek DBA Team, via geeksinsights@gmail.com

Pages

Cassandra for Oracle DBA’s Part 9 : Creating Users & Granting Privileges

 

Create User in cassandra involve to change the parameter in cassandra.yaml and authentication mode.

# Authentication backend, implementing IAuthenticator; used to identify users

# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthenticator,

# PasswordAuthenticator}.

# DSE also provides a Kerberos authenticator for external authentication.

#

# - AllowAllAuthenticator performs no checks - set it to disable authentication.

# - PasswordAuthenticator relies on username/password pairs to authenticate

#   users. It keeps usernames and hashed passwords in system_auth.credentials table.

#   Please increase system_auth keyspace replication factor if you use this authenticator.

# - com.datastax.bdp.cassandra.auth.KerberosAuthenticator For external authentication

#   through Kerberos. Additional configuration is required in dse.yaml

authenticator: PasswordAuthenticator

# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthorizer,

# - AllowAllAuthorizer allows any action to any user - set it to disable authorization.

authorizer: CassandraAuthorizer

# Will be disabled automatically for AllowAllAuthorizer.

 

Once the parameter is set, create user as follows using cqlsh

cqlsh> CREATE USER boone WITH PASSWORD 'Niner75' NOSUPERUSER;

cqlsh> select * from system_auth.users;

 name      | super

-----------+-------

  spillman | False

     boone | False

 cassandra |  True

     akers |  True

(4 rows)

cqlsh>

 

################

Granting privileges

#################

cqlsh:PortfolioDemo>

cqlsh> grant all on keyspace "PortfolioDemo" to akers;

cqlsh> grant all on keyspace "PortfolioDemo" to akers,boone,spillman;

Bad Request: line 1:46 missing EOF at ','

cqlsh> grant all on keyspace "PortfolioDemo" to boone,spillman;

Bad Request: line 1:46 missing EOF at ','

cqlsh> grant all on keyspace "PortfolioDemo" to boone;

cqlsh> grant all on keyspace "PortfolioDemo" to spillman;

cqlsh>

 

Comments are closed.