FAQ - When are Aerospike security privileges on a client connection checked?

FAQ - When are Aerospike security privileges on a client connection checked?

Detail

The Aerospike Authentication allows cluster access to be controlled via a configured Access Control list. Both roles and privileges can be assigned to users at a cluster, namespace or set level. At what point are these security privileges checked? If a privilege is changed once a user has established a connection, what happens?

Answer

Privileges are checked when a connection is established and also periodically during the lifetime of the connection. The period of the check is defined by the server parameter privilege-refresh-period which defaults to 300 seconds / 5 minutes. If new privileges are granted or existing ones revoked, this will come into operation after the periodic check. This is a dynamic parameter and so can be changed during runtime.

Keywords

CLIENT CONNECTION USER PRIVILEGE CHECK

Timestamp

December 2019

© 2015 Copyright Aerospike, Inc. | All rights reserved. Creators of the Aerospike Database.