Package org.apache.cassandra.auth

Class CassandraRoleManager

  • All Implemented Interfaces:
    AuthCache.BulkLoader<RoleResource,​java.util.Set<Role>>, IRoleManager
    public class CassandraRoleManager
extends java.lang.Object
implements IRoleManager
    Responsible for the creation, maintenance and deletion of roles for the purposes of authentication and authorization. Role data is stored internally, using the roles and role_members tables in the system_auth keyspace. Additionally, if org.apache.cassandra.auth.PasswordAuthenticator is used, encrypted passwords are also stored in the system_auth.roles table. This coupling between the IAuthenticator and IRoleManager implementations exists because setting a role's password via CQL is done with a CREATE ROLE or ALTER ROLE statement, the processing of which is handled by IRoleManager. As IAuthenticator is concerned only with credentials checking and has no means to modify passwords, PasswordAuthenticator depends on CassandraRoleManager for those functions. Alternative IAuthenticator implementations may be used in conjunction with CassandraRoleManager, but WITH PASSWORD = 'password' will not be supported in CREATE/ALTER ROLE statements. Such a configuration could be implemented using a custom IRoleManager that extends CassandraRoleManager and which includes Option.PASSWORD in the Set<Option> returned from supportedOptions/alterableOptions. Any additional processing of the password itself (such as storing it in an alternative location) would be added in overridden createRole and alterRole implementations.

    • Field Detail

      • DEFAULT_SUPERUSER_NAME

        public static final java.lang.String DEFAULT_SUPERUSER_NAME
        See Also:
        Constant Field Values

      • DEFAULT_SUPERUSER_PASSWORD

        public static final java.lang.String DEFAULT_SUPERUSER_PASSWORD
        See Also:
        Constant Field Values

    • Constructor Detail

      • CassandraRoleManager

        public CassandraRoleManager()

    • Method Detail

      • setup

        public void setup()
        Description copied from interface: IRoleManager
        Hook to perform implementation specific initialization, called once upon system startup. For example, use this method to create any required keyspaces/column families.
        Specified by:
        setup in interface IRoleManager

      • roleForIdentity

        public java.lang.String roleForIdentity​(java.lang.String identity)
        Description copied from interface: IRoleManager
        Each valid identity is associated with a role in the identity_to_role table, this method returns role of a given identity
        Specified by:
        roleForIdentity in interface IRoleManager
        Parameters:
        identity - identity whose role to be retrieved
        Returns:
        role of the given identity

      • authorizedIdentities

        public java.util.Map<java.lang.String,​java.lang.String> authorizedIdentities()
        Description copied from interface: IRoleManager
        Returns all the authorized identities from the identity_to_role table
        Specified by:
        authorizedIdentities in interface IRoleManager
        Returns:
        Map of identity -> roles

      • addIdentity

        public void addIdentity​(java.lang.String identity,
                        java.lang.String role)
        Description copied from interface: IRoleManager
        Adds a row (identity, role) to the identity_to_role table
        Specified by:
        addIdentity in interface IRoleManager
        Parameters:
        identity - identity to be added
        role - role that is associated with the identity

      • isExistingIdentity

        public boolean isExistingIdentity​(java.lang.String identity)
        Description copied from interface: IRoleManager
        Returns if an identity exists in the identity_to_role
        Specified by:
        isExistingIdentity in interface IRoleManager
        Parameters:
        identity - identity whose existence to verify
        Returns:

      • dropIdentity

        public void dropIdentity​(java.lang.String identity)
        Description copied from interface: IRoleManager
        Called on the execution of DROP IDENTITY statement for removing a given identity from the identity_role table. This implies we want to revoke the access for the given identity.
        Specified by:
        dropIdentity in interface IRoleManager
        Parameters:
        identity - identity that has to be removed from the table

      • loadRoleStatement

        protected final void loadRoleStatement()

      • loadIdentityStatement

        protected void loadIdentityStatement()

      • supportedOptions

        public java.util.Set<IRoleManager.Option> supportedOptions()
        Description copied from interface: IRoleManager
        Set of options supported by CREATE ROLE and ALTER ROLE queries. Should never return null - always return an empty set instead.
        Specified by:
        supportedOptions in interface IRoleManager

      • alterableOptions

        public java.util.Set<IRoleManager.Option> alterableOptions()
        Description copied from interface: IRoleManager
        Subset of supportedOptions that users are allowed to alter when performing ALTER ROLE [themselves]. Should never return null - always return an empty set instead.
        Specified by:
        alterableOptions in interface IRoleManager

      • alterRole

        public void alterRole​(AuthenticatedUser performer,
                      RoleResource role,
                      RoleOptions options)
        Description copied from interface: IRoleManager
        Called during execution of ALTER ROLE statement. options are always guaranteed to be a subset of supportedOptions(). Furthermore, if the actor performing the query is not a superuser and is altering themself, then options are guaranteed to be a subset of alterableOptions(). Keep the body of the method blank if your implementation doesn't support modification of any options.
        Specified by:
        alterRole in interface IRoleManager
        Parameters:
        performer - User issuing the alter role statement.
        role - Role that will be altered.
        options - Options to alter.

      • getRoleDetails

        public java.util.Set<Role> getRoleDetails​(RoleResource grantee)
        Description copied from interface: IRoleManager
        Used to retrieve detailed role info on the full set of roles granted to a grantee. This method was not part of the V1 IRoleManager API, so a default impl is supplied which uses the V1 methods to retrieve the detailed role info for the grantee. This is essentially what clients of this interface would have to do themselves. Implementations can provide optimized versions of this method where the details can be retrieved more efficiently.
        Specified by:
        getRoleDetails in interface IRoleManager
        Parameters:
        grantee - identifies the role whose granted roles are retrieved
        Returns:
        A set of Role objects detailing the roles granted to the grantee, either directly or through inheritance.

      • isSuper

        public boolean isSuper​(RoleResource role)
        Description copied from interface: IRoleManager
        Return true if there exists a Role with the given name that also has superuser status. Superuser status may be inherited from another granted role, so this method should return true if either the named Role, or any other Role it is transitively granted has superuser status.
        Specified by:
        isSuper in interface IRoleManager
        Parameters:
        role - Role whose superuser status to verify
        Returns:
        true if the role exists and has superuser status, either directly or transitively, otherwise false.

      • canLogin

        public boolean canLogin​(RoleResource role)
        Description copied from interface: IRoleManager
        Return true if there exists a Role with the given name which has login privileges. Such privileges is not inherited from other granted Roles and so must be directly granted to the named Role with the LOGIN option of CREATE ROLE or ALTER ROLE
        Specified by:
        canLogin in interface IRoleManager
        Parameters:
        role - Role whose login privileges to verify
        Returns:
        true if the role exists and is permitted to login, otherwise false

      • getCustomOptions

        public java.util.Map<java.lang.String,​java.lang.String> getCustomOptions​(RoleResource role)
        Description copied from interface: IRoleManager
        Where an implementation supports OPTIONS in CREATE and ALTER operations this method should return the Map<String, String> representing the custom options associated with the role, as supplied to CREATE or ALTER. It should never return null; if the implementation does not support OPTIONS or if none were supplied then it should return an empty map.
        Specified by:
        getCustomOptions in interface IRoleManager
        Parameters:
        role - Role whose custom options are required
        Returns:
        Key/Value pairs representing the custom options for the Role

      • isExistingRole

        public boolean isExistingRole​(RoleResource role)
        Description copied from interface: IRoleManager
        Return true is a Role with the given name exists in the system.
        Specified by:
        isExistingRole in interface IRoleManager
        Parameters:
        role - Role whose existence to verify
        Returns:
        true if the name identifies an extant Role in the system, otherwise false

      • protectedResources

        public java.util.Set<? extends IResource> protectedResources()
        Description copied from interface: IRoleManager
        Set of resources that should be made inaccessible to users and only accessible internally.
        Specified by:
        protectedResources in interface IRoleManager
        Returns:
        Keyspaces and column families that will be unmodifiable by users; other resources.

      • createDefaultRoleQuery

        public static java.lang.String createDefaultRoleQuery()

      • scheduleSetupTask

        protected void scheduleSetupTask​(java.util.concurrent.Callable<java.lang.Void> setupTask)

      • consistencyForRoleWrite

        protected static ConsistencyLevel consistencyForRoleWrite​(java.lang.String role)
        Allows selective overriding of the consistency level for specific roles.

      • consistencyForRoleRead

        protected static ConsistencyLevel consistencyForRoleRead​(java.lang.String role)