[jira] [Updated] (GEODE-2605) Unable to do a Lucene query without CLUSTER:READ privilege

Mon, 24 Apr 2017 19:21:47 -0700 

     [ 
https://issues.apache.org/jira/browse/GEODE-2605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Diane Hardman updated GEODE-2605:
---------------------------------
    Description: 
I have configured a small cluster with security and am testing the privileges I 
need for creating a Lucene index and then executing a query/search using 
Lucene. 
I have confirmed that DATA:MANAGE privilege allows me to create a lucene index 
(similar to creating OQL indexes).
I assumed I needed DATA:WRITE privilege to execute 'search lucene' because the 
implementation uses a function. Instead, I am getting an error that I need 
CLUSTER:READ privilege. I don't know why.

As an aside, we may want to document that all DATA privileges automatically 
include CLUSTER:READ as I found I could create indexes with DATA:MANAGE, but 
could not list the indexes I created without CLUSTER:READ... go figure.

  was:
I have configured a small cluster with security and am testing the privileges I 
need for creating a Lucene index and then executing a query/search using 
Lucene. 
I have confirmed that DATA:MANAGE privilege allows me to create a lucene index 
(similar to creating OQL indexes).
I assumed I needed DATA:WRITE privilege to execute 'search lucene' because the 
implementation uses a function. Instead, I am getting an error that I need 
CLUSTER:READ privilege. I don't know why.

As an aside, we may want to document that all DATA privileges automatically 
include CLUSTER:READ as I found I could create indexes with DATA:WRITE, but 
could not list the indexes I created without CLUSTER:READ... go figure.


> Unable to do a Lucene query without CLUSTER:READ privilege
> ----------------------------------------------------------
>
>                 Key: GEODE-2605
>                 URL: https://issues.apache.org/jira/browse/GEODE-2605
>             Project: Geode
>          Issue Type: Bug
>          Components: docs, lucene, security
>            Reporter: Diane Hardman
>            Assignee: Barry Oglesby
>             Fix For: 1.2.0
>
>         Attachments: security.json
>
>
> I have configured a small cluster with security and am testing the privileges 
> I need for creating a Lucene index and then executing a query/search using 
> Lucene. 
> I have confirmed that DATA:MANAGE privilege allows me to create a lucene 
> index (similar to creating OQL indexes).
> I assumed I needed DATA:WRITE privilege to execute 'search lucene' because 
> the implementation uses a function. Instead, I am getting an error that I 
> need CLUSTER:READ privilege. I don't know why.
> As an aside, we may want to document that all DATA privileges automatically 
> include CLUSTER:READ as I found I could create indexes with DATA:MANAGE, but 
> could not list the indexes I created without CLUSTER:READ... go figure.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to