private static boolean hasExistingUsers() throws RequestExecutionException { // Try looking up the 'cassandra' default user first, to avoid the range query if possible. String defaultSUQuery = String.format("SELECT * FROM %s.%s WHERE username = '%s'", Auth.AUTH_KS, CREDENTIALS_CF, DEFAULT_USER_NAME); String allUsersQuery = String.format("SELECT * FROM %s.%s LIMIT 1", Auth.AUTH_KS, CREDENTIALS_CF); return !process(defaultSUQuery, ConsistencyLevel.ONE).isEmpty() || !process(defaultSUQuery, ConsistencyLevel.QUORUM).isEmpty() || !process(allUsersQuery, ConsistencyLevel.QUORUM).isEmpty(); }
public void drop(String username) throws RequestExecutionException { process(String.format("DELETE FROM %s.%s WHERE username = '%s'", Auth.AUTH_KS, CREDENTIALS_CF, escape(username)), consistencyForUser(username)); }
public void alter(String username, Map<Option, Object> options) throws RequestExecutionException { process(String.format("UPDATE %s.%s SET salted_hash = '%s' WHERE username = '%s'", Auth.AUTH_KS, CREDENTIALS_CF, escape(hashpw((String) options.get(Option.PASSWORD))), escape(username)), consistencyForUser(username)); }
private void setupDefaultUser() { try { // insert the default superuser if AUTH_KS.CREDENTIALS_CF is empty. if (!hasExistingUsers()) { process(String.format("INSERT INTO %s.%s (username, salted_hash) VALUES ('%s', '%s') USING TIMESTAMP 0", Auth.AUTH_KS, CREDENTIALS_CF, DEFAULT_USER_NAME, escape(hashpw(DEFAULT_USER_PASSWORD))), ConsistencyLevel.ONE); logger.info("PasswordAuthenticator created default user '{}'", DEFAULT_USER_NAME); } } catch (RequestExecutionException e) { logger.warn("PasswordAuthenticator skipped default user setup: some nodes were not ready"); } }
public void create(String username, Map<Option, Object> options) throws InvalidRequestException, RequestExecutionException { String password = (String) options.get(Option.PASSWORD); if (password == null) throw new InvalidRequestException("PasswordAuthenticator requires PASSWORD option"); process(String.format("INSERT INTO %s.%s (username, salted_hash) VALUES ('%s', '%s')", Auth.AUTH_KS, CREDENTIALS_CF, escape(username), escape(hashpw(password))), consistencyForUser(username)); }