Package org.apache.cassandra.auth
Class AuthenticatedUser
- java.lang.Object
-
- org.apache.cassandra.auth.AuthenticatedUser
-
public class AuthenticatedUser extends java.lang.Object
Returned from IAuthenticator#authenticate(), represents an authenticated user everywhere internally. Holds the name of the user and the roles that have been granted to the user. The roles will be cached for roles_validity_in_ms.
-
-
Field Summary
Fields Modifier and Type Field Description static AuthenticatedUser
ANONYMOUS_USER
static java.lang.String
ANONYMOUS_USERNAME
static AuthenticatedUser
SYSTEM_USER
static java.lang.String
SYSTEM_USERNAME
-
Constructor Summary
Constructors Constructor Description AuthenticatedUser(java.lang.String name)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
canLogin()
Check whether this user has login privileges.boolean
equals(java.lang.Object o)
java.lang.String
getName()
java.util.Set<Permission>
getPermissions(IResource resource)
RoleResource
getPrimaryRole()
java.util.Set<Role>
getRoleDetails()
Get the detailed info on roles granted to the user via IRoleManagerjava.util.Set<RoleResource>
getRoles()
Get the roles that have been granted to the user via the IRoleManagerint
hashCode()
boolean
hasLocalAccess()
Verify that there is not DC level restriction on this user accessing this node.boolean
isAnonymous()
If IAuthenticator doesn't require authentication, this method may return true.boolean
isSuper()
Checks the user's superuser status.boolean
isSystem()
Some internal operations are performed on behalf of Cassandra itself, in those cases the system user should be used where an identity is required see CreateRoleStatement#execute() and overrides of AlterSchemaStatement#createdResources()java.lang.String
toString()
-
-
-
Field Detail
-
SYSTEM_USERNAME
public static final java.lang.String SYSTEM_USERNAME
- See Also:
- Constant Field Values
-
SYSTEM_USER
public static final AuthenticatedUser SYSTEM_USER
-
ANONYMOUS_USERNAME
public static final java.lang.String ANONYMOUS_USERNAME
- See Also:
- Constant Field Values
-
ANONYMOUS_USER
public static final AuthenticatedUser ANONYMOUS_USER
-
-
Method Detail
-
getName
public java.lang.String getName()
-
getPrimaryRole
public RoleResource getPrimaryRole()
-
isSuper
public boolean isSuper()
Checks the user's superuser status. Only a superuser is allowed to perform CREATE USER and DROP USER queries. Im most cased, though not necessarily, a superuser will have Permission.ALL on every resource (depends on IAuthorizer implementation).
-
isAnonymous
public boolean isAnonymous()
If IAuthenticator doesn't require authentication, this method may return true.
-
isSystem
public boolean isSystem()
Some internal operations are performed on behalf of Cassandra itself, in those cases the system user should be used where an identity is required see CreateRoleStatement#execute() and overrides of AlterSchemaStatement#createdResources()
-
getRoles
public java.util.Set<RoleResource> getRoles()
Get the roles that have been granted to the user via the IRoleManager- Returns:
- a set of identifiers for the roles that have been granted to the user
-
getRoleDetails
public java.util.Set<Role> getRoleDetails()
Get the detailed info on roles granted to the user via IRoleManager- Returns:
- a set of Role objects detailing the roles granted to the user
-
getPermissions
public java.util.Set<Permission> getPermissions(IResource resource)
-
canLogin
public boolean canLogin()
Check whether this user has login privileges. LOGIN is not inherited from granted roles, so must be directly granted to the primary role for this user- Returns:
- true if the user is permitted to login, false otherwise.
-
hasLocalAccess
public boolean hasLocalAccess()
Verify that there is not DC level restriction on this user accessing this node. Further extends the login privilege check by verifying that the primary role for this user is permitted to perform operations in the local (to this node) datacenter. Like LOGIN, this is not inherited from granted roles.- Returns:
- true if the user is permitted to access nodes in this node's datacenter, false otherwise
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
equals
public boolean equals(java.lang.Object o)
- Overrides:
equals
in classjava.lang.Object
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classjava.lang.Object
-
-