public interface SecurityOperations
Modifier and Type | Method and Description |
---|---|
boolean |
authenticateUser(String principal,
AuthenticationToken token)
Verify a username/password combination is valid
|
boolean |
authenticateUser(String user,
byte[] password)
Deprecated.
since 1.5.0; use
authenticateUser(String, AuthenticationToken) instead. |
void |
changeLocalUserPassword(String principal,
PasswordToken token)
Set the user's password
|
void |
changeUserAuthorizations(String principal,
Authorizations authorizations)
Set the user's record-level authorizations
|
void |
changeUserPassword(String user,
byte[] password)
Deprecated.
since 1.5.0; use
changeLocalUserPassword(String, PasswordToken) or the user management functions of your configured authenticator
instead. |
void |
createLocalUser(String principal,
PasswordToken password)
Create a user
|
void |
createUser(String user,
byte[] password,
Authorizations authorizations)
Deprecated.
since 1.5.0; use
createLocalUser(String, PasswordToken) or the user management functions of your configured authenticator instead. |
void |
dropLocalUser(String principal)
Delete a user
|
void |
dropUser(String user)
Deprecated.
since 1.5.0; use
dropUser(String) or the user management functions of your configured authenticator instead. |
DelegationToken |
getDelegationToken(DelegationTokenConfig cfg)
Obtain a
DelegationToken for use when Kerberos credentials cannot be used (e.g. |
Authorizations |
getUserAuthorizations(String principal)
Retrieves the user's authorizations for scanning
|
void |
grantNamespacePermission(String principal,
String namespace,
NamespacePermission permission)
Grant a user a specific permission for a specific namespace
|
void |
grantSystemPermission(String principal,
SystemPermission permission)
Grant a user a system permission
|
void |
grantTablePermission(String principal,
String table,
TablePermission permission)
Grant a user a specific permission for a specific table
|
boolean |
hasNamespacePermission(String principal,
String namespace,
NamespacePermission perm)
Verify the user has a particular namespace permission
|
boolean |
hasSystemPermission(String principal,
SystemPermission perm)
Verify the user has a particular system permission
|
boolean |
hasTablePermission(String principal,
String table,
TablePermission perm)
Verify the user has a particular table permission
|
Set<String> |
listLocalUsers()
Return a list of users in accumulo
|
Set<String> |
listUsers()
Deprecated.
since 1.5.0; use
listLocalUsers() or the user management functions of your configured authenticator instead. |
void |
revokeNamespacePermission(String principal,
String namespace,
NamespacePermission permission)
Revoke a namespace permission for a specific user on a specific namespace
|
void |
revokeSystemPermission(String principal,
SystemPermission permission)
Revoke a system permission from a user
|
void |
revokeTablePermission(String principal,
String table,
TablePermission permission)
Revoke a table permission for a specific user on a specific table
|
@Deprecated void createUser(String user, byte[] password, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException
createLocalUser(String, PasswordToken)
or the user management functions of your configured authenticator instead.user
- the name of the user to createpassword
- the plaintext password for the userauthorizations
- the authorizations that the user has for scanningAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to create a uservoid createLocalUser(String principal, PasswordToken password) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to createpassword
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to create a user@Deprecated void dropUser(String user) throws AccumuloException, AccumuloSecurityException
dropUser(String)
or the user management functions of your configured authenticator instead.user
- the user name to deleteAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to delete a uservoid dropLocalUser(String principal) throws AccumuloException, AccumuloSecurityException
principal
- the user name to deleteAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to delete a user@Deprecated boolean authenticateUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException
authenticateUser(String, AuthenticationToken)
instead.user
- the name of the user to authenticatepassword
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to askboolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to authenticatetoken
- the SecurityToken for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to ask@Deprecated void changeUserPassword(String user, byte[] password) throws AccumuloException, AccumuloSecurityException
changeLocalUserPassword(String, PasswordToken)
or the user management functions of your configured authenticator
instead.user
- the name of the user to modifypassword
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to modify a uservoid changeLocalUserPassword(String principal, PasswordToken token) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifytoken
- the plaintext password for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to modify a uservoid changeUserAuthorizations(String principal, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifyauthorizations
- the authorizations that the user has for scanningAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to modify a userAuthorizations getUserAuthorizations(String principal) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to queryAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userboolean hasSystemPermission(String principal, SystemPermission perm) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to queryperm
- the system permission to check forAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userboolean hasTablePermission(String principal, String table, TablePermission perm) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to querytable
- the name of the table to query aboutperm
- the table permission to check forAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a userboolean hasNamespacePermission(String principal, String namespace, NamespacePermission perm) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to querynamespace
- the name of the namespace to query aboutperm
- the namespace permission to check forAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query a uservoid grantSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifypermission
- the system permission to grant to the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to grant a user permissionsvoid grantTablePermission(String principal, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifytable
- the name of the table to modify for the userpermission
- the table permission to grant to the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to grant a user permissionsvoid grantNamespacePermission(String principal, String namespace, NamespacePermission permission) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifynamespace
- the name of the namespace to modify for the userpermission
- the namespace permission to grant to the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to grant a user permissionsvoid revokeSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifypermission
- the system permission to revoke for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to revoke a user's permissionsvoid revokeTablePermission(String principal, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifytable
- the name of the table to modify for the userpermission
- the table permission to revoke for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to revoke a user's permissionsvoid revokeNamespacePermission(String principal, String namespace, NamespacePermission permission) throws AccumuloException, AccumuloSecurityException
principal
- the name of the user to modifynamespace
- the name of the namespace to modify for the userpermission
- the namespace permission to revoke for the userAccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to revoke a user's permissions@Deprecated Set<String> listUsers() throws AccumuloException, AccumuloSecurityException
listLocalUsers()
or the user management functions of your configured authenticator instead.AccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query usersSet<String> listLocalUsers() throws AccumuloException, AccumuloSecurityException
AccumuloException
- if a general error occursAccumuloSecurityException
- if the user does not have permission to query usersDelegationToken getDelegationToken(DelegationTokenConfig cfg) throws AccumuloException, AccumuloSecurityException
DelegationToken
for use when Kerberos credentials cannot be used (e.g. YARN Jobs)AccumuloException
AccumuloSecurityException
Copyright © 2011–2017 The Apache Software Foundation. All rights reserved.