Links may not function; however, this content may be relevant to outdated versions of the product.
Cassandra user does not have the required permissions
This content applies only to On-premises and Client-managed cloud environments
If Pega Platform tries to access an external Cassandra database through a Cassandra user that does not have the required permissions, the Decision Data Store (DDS) landing page displays an error.
Condition
The DDS landing page displays one of the following errors:
Caused by: com.datastax.driver.core.exceptions.UnauthorizedException: User cassuser has no CREATE permission on <keyspace data> or any of its parents
at com.datastax.driver.core.Responses$Error.asException(Responses.java:134) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.DefaultResultSetFuture.onSet(DefaultResultSetFuture.java:179) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.RequestHandler.setFinalResult(RequestHandler.java:177) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.RequestHandler.access$2500(RequestHandler.java:46) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.RequestHandler$SpeculativeExecution.setFinalResult(RequestHandler.java:797) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.RequestHandler$SpeculativeExecution.onSet(RequestHandler.java:631) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.Connection$Dispatcher.channelRead0(Connection.java:1070) ~[cassandra-driver-core-3.1.2.jar:?]
Caused by: com.datastax.driver.core.exceptions.InvalidQueryException: unconfigured table customerdds_69d1abd1311e7423d7d62b15e28b2ae0
at com.datastax.driver.core.Responses$Error.asException(Responses.java:136) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.SessionManager$4.apply(SessionManager.java:220) ~[cassandra-driver-core-3.1.2.jar:?]
at com.datastax.driver.core.SessionManager$4.apply(SessionManager.java:196) ~[cassandra-driver-core-3.1.2.jar:?]
at com.google.common.util.concurrent.Futures$AsyncChainingFuture.doTransform(Futures.java:1442) ~[closure-compiler-v20160911.jar:?]
at com.google.common.util.concurrent.Futures$AsyncChainingFuture.doTransform(Futures.java:1433) ~[closure-compiler-v20160911.jar:?]
at com.google.common.util.concurrent.Futures$AbstractChainingFuture.run(Futures.java:1408) ~[closure-compiler-v20160911.jar:?]
at com.google.common.util.concurrent.Futures$2$1.run(Futures.java:1177) ~[closure-compiler-v20160911.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) ~[?:1.7.0_75]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) ~[?:1.7.0_75]
Remedy
- List the permissions of the Cassandra user by running the
list permissionsCQL command:where role_name is the name of the Cassandra user role that the DDS service uses to access your external Cassandra database.cassandra@cqlsh> list all permissions of rolenameResult: The list permissionscommand returns a list of the permissions of the Cassandra user, like in the following example:role | username | resource | permission --------+----------+-----------------------+------------ rolename | rolename | <keyspace preme_data> | DROP rolename | rolename | <keyspace preme_data> | AUTHORIZE rolename | rolename | <keyspace preme_data> | CREATE rolename | rolename | <keyspace preme_data> | DROP rolename | rolename | <keyspace preme_data> | MODIFY - In the
permissioncolumn, verify that for each keyspace the Cassandra user has the following permissions:createalterdropselectmodify
Note: To connect to an external Cassandra database, the DDS service requires permissions for to the following keyspaces: admadm_commitlogaggregationdatastatesvbd
- If the Cassandra user does not have all required permissions, add the
missing permissions by running the
grantCQL command.For more information, see Creating Cassandra user roles with limited database access.
Previous topic Authentication error in the Decision Data Store landing page Next topic Cassandra error: Too many open files