Hi Jeff,
If you try to scan with Authorizations which the current user does not
have, you will get an AccumuloSecurityException with the error code
SecurityErrorCode.BAD_AUTHORIZATIONS wrapped in a RuntimeException. This
will likely be thrown when you try to call hasNext() on the Scanner's
iterator(). This is also the case with the BatchScanner.
I would imagine this stems from using the Java Iterator interface which
doesn't allow us to throw general Exceptions from its methods. We have
to performance this security check for each batch returned, so it's also
not feasible to just check when the (Batch)Scanner is created.
That being said, there may be something better that we can do. Please
feel free to look into this and open a ticket if you find something
better we can be doing here.
On 5/20/14, 12:19 PM, Jeff N wrote:
Was curious to know if there is a specific Exception class I can catch when
creating an scanner for a particular user? The 1.5 API for
connector.createScanner says that bad authorizations throws an exception but
the API entry says that the method throws a TableNotFoundException and the
name seemed misleading. The authorization exception, to me, seems to pertain
to a user and not a table.
On a side note I'm wanting to detect when a user tries to access rows that
the users authorizations don't allow in a more sophisticated manor then
seeing if the scan doesn't return anything. Is that possible? It seems
wishy-washy to give an error claiming that either there aren't any rows or
you just don't have permission.
-----
--
View this message in context:
http://apache-accumulo.1065345.n5.nabble.com/Catching-Bad-Authorizations-tp9967.html
Sent from the Developers mailing list archive at Nabble.com.
