FAQ - When are Aerospike security privileges on a client connection checked?
The Aerospike Authentication allows cluster access to be controlled via a configured Access Control list. Both roles and privileges can be assigned to users at a cluster, namespace or set level. At what point are these security privileges checked? If a privilege is changed once a user has established a connection, what happens?
Privileges are checked when a connection is established and also periodically during the lifetime of the connection. The period of the check is defined by the server parameter
privilege-refresh-period which defaults to 300 seconds / 5 minutes. If new privileges are granted or existing ones revoked, this will come into operation after the periodic check. This is a dynamic parameter and so can be changed during runtime.
CLIENT CONNECTION USER PRIVILEGE CHECK