org.apache.accumulo.core.client.admin
Interface SecurityOperations

All Known Implementing Classes:
MockSecurityOperations, SecurityOperationsImpl

public interface SecurityOperations

Provides a class for managing users and permissions


Method Summary
 boolean authenticateUser(String user, byte[] password)
          Verify a username/password combination is valid
 void changeUserAuthorizations(String user, Authorizations authorizations)
          Set the user's record-level authorizations
 void changeUserPassword(String user, byte[] password)
          Set the user's password
 void createUser(String user, byte[] password, Authorizations authorizations)
          Create a user
 void dropUser(String user)
          Delete a user
 Authorizations getUserAuthorizations(String user)
          Retrieves the user's authorizations for scanning
 void grantSystemPermission(String user, SystemPermission permission)
          Grant a user a system permission
 void grantTablePermission(String user, String table, TablePermission permission)
          Grant a user a specific permission for a specific table
 boolean hasSystemPermission(String user, SystemPermission perm)
          Verify the user has a particular system permission
 boolean hasTablePermission(String user, String table, TablePermission perm)
          Verify the user has a particular table permission
 Set<String> listUsers()
          Return a list of users in accumulo
 void revokeSystemPermission(String user, SystemPermission permission)
          Revoke a system permission from a user
 void revokeTablePermission(String user, String table, TablePermission permission)
          Revoke a table permission for a specific user on a specific table
 

Method Detail

createUser

void createUser(String user,
                byte[] password,
                Authorizations authorizations)
                throws AccumuloException,
                       AccumuloSecurityException
Create a user

Parameters:
user - the name of the user to create
password - the plaintext password for the user
authorizations - the authorizations that the user has for scanning
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to create a user

dropUser

void dropUser(String user)
              throws AccumuloException,
                     AccumuloSecurityException
Delete a user

Parameters:
user - the user name to delete
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to delete a user

authenticateUser

boolean authenticateUser(String user,
                         byte[] password)
                         throws AccumuloException,
                                AccumuloSecurityException
Verify a username/password combination is valid

Parameters:
user - the name of the user to authenticate
password - the plaintext password for the user
Returns:
true if the user asking is allowed to know and the specified user/password is valid, false otherwise
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to ask

changeUserPassword

void changeUserPassword(String user,
                        byte[] password)
                        throws AccumuloException,
                               AccumuloSecurityException
Set the user's password

Parameters:
user - the name of the user to modify
password - the plaintext password for the user
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to modify a user

changeUserAuthorizations

void changeUserAuthorizations(String user,
                              Authorizations authorizations)
                              throws AccumuloException,
                                     AccumuloSecurityException
Set the user's record-level authorizations

Parameters:
user - the name of the user to modify
authorizations - the authorizations that the user has for scanning
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to modify a user

getUserAuthorizations

Authorizations getUserAuthorizations(String user)
                                     throws AccumuloException,
                                            AccumuloSecurityException
Retrieves the user's authorizations for scanning

Parameters:
user - the name of the user to query
Returns:
the set of authorizations the user has available for scanning
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to query a user

hasSystemPermission

boolean hasSystemPermission(String user,
                            SystemPermission perm)
                            throws AccumuloException,
                                   AccumuloSecurityException
Verify the user has a particular system permission

Parameters:
user - the name of the user to query
perm - the system permission to check for
Returns:
true if user has that permission; false otherwise
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to query a user

hasTablePermission

boolean hasTablePermission(String user,
                           String table,
                           TablePermission perm)
                           throws AccumuloException,
                                  AccumuloSecurityException
Verify the user has a particular table permission

Parameters:
user - the name of the user to query
table - the name of the table to query about
perm - the table permission to check for
Returns:
true if user has that permission; false otherwise
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to query a user

grantSystemPermission

void grantSystemPermission(String user,
                           SystemPermission permission)
                           throws AccumuloException,
                                  AccumuloSecurityException
Grant a user a system permission

Parameters:
user - the name of the user to modify
permission - the system permission to grant to the user
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to grant a user permissions

grantTablePermission

void grantTablePermission(String user,
                          String table,
                          TablePermission permission)
                          throws AccumuloException,
                                 AccumuloSecurityException
Grant a user a specific permission for a specific table

Parameters:
user - the name of the user to modify
table - the name of the table to modify for the user
permission - the table permission to grant to the user
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to grant a user permissions

revokeSystemPermission

void revokeSystemPermission(String user,
                            SystemPermission permission)
                            throws AccumuloException,
                                   AccumuloSecurityException
Revoke a system permission from a user

Parameters:
user - the name of the user to modify
permission - the system permission to revoke for the user
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to revoke a user's permissions

revokeTablePermission

void revokeTablePermission(String user,
                           String table,
                           TablePermission permission)
                           throws AccumuloException,
                                  AccumuloSecurityException
Revoke a table permission for a specific user on a specific table

Parameters:
user - the name of the user to modify
table - the name of the table to modify for the user
permission - the table permission to revoke for the user
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to revoke a user's permissions

listUsers

Set<String> listUsers()
                      throws AccumuloException,
                             AccumuloSecurityException
Return a list of users in accumulo

Returns:
a set of user names
Throws:
AccumuloException - if a general error occurs
AccumuloSecurityException - if the user does not have permission to query users


Copyright © 2014 The Apache Software Foundation. All Rights Reserved.