[ https://issues.apache.org/jira/browse/GEODE-2605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Diane Hardman updated GEODE-2605: --------------------------------- Description: I have configured a small cluster with security and am testing the privileges I need for creating a Lucene index and then executing a query/search using Lucene. I have confirmed that DATA:MANAGE privilege allows me to create a lucene index (similar to creating OQL indexes). I assumed I needed DATA:WRITE privilege to execute 'search lucene' because the implementation uses a function. Instead, I am getting an error that I need CLUSTER:READ privilege. I don't know why. As an aside, we may want to document that all DATA privileges automatically include CLUSTER:READ as I found I could create indexes with DATA:MANAGE, but could not list the indexes I created without CLUSTER:READ... go figure. was: I have configured a small cluster with security and am testing the privileges I need for creating a Lucene index and then executing a query/search using Lucene. I have confirmed that DATA:MANAGE privilege allows me to create a lucene index (similar to creating OQL indexes). I assumed I needed DATA:WRITE privilege to execute 'search lucene' because the implementation uses a function. Instead, I am getting an error that I need CLUSTER:READ privilege. I don't know why. As an aside, we may want to document that all DATA privileges automatically include CLUSTER:READ as I found I could create indexes with DATA:WRITE, but could not list the indexes I created without CLUSTER:READ... go figure. > Unable to do a Lucene query without CLUSTER:READ privilege > ---------------------------------------------------------- > > Key: GEODE-2605 > URL: https://issues.apache.org/jira/browse/GEODE-2605 > Project: Geode > Issue Type: Bug > Components: docs, lucene, security > Reporter: Diane Hardman > Assignee: Barry Oglesby > Fix For: 1.2.0 > > Attachments: security.json > > > I have configured a small cluster with security and am testing the privileges > I need for creating a Lucene index and then executing a query/search using > Lucene. > I have confirmed that DATA:MANAGE privilege allows me to create a lucene > index (similar to creating OQL indexes). > I assumed I needed DATA:WRITE privilege to execute 'search lucene' because > the implementation uses a function. Instead, I am getting an error that I > need CLUSTER:READ privilege. I don't know why. > As an aside, we may want to document that all DATA privileges automatically > include CLUSTER:READ as I found I could create indexes with DATA:MANAGE, but > could not list the indexes I created without CLUSTER:READ... go figure. -- This message was sent by Atlassian JIRA (v6.3.15#6346)