Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Cassandra user does not have the required permissions

Updated on July 5, 2022

This content applies only to On-premises and Client-managed cloud environments

If Pega Platform tries to access an external Cassandra database through a Cassandra user that does not have the required permissions, the Decision Data Store (DDS) landing page displays an error.

Condition

The DDS landing page displays one of the following errors:

Caused by: com.datastax.driver.core.exceptions.UnauthorizedException: User cassuser has no CREATE permission on <keyspace data> or any of its parents  
at com.datastax.driver.core.Responses$Error.asException(Responses.java:134) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.DefaultResultSetFuture.onSet(DefaultResultSetFuture.java:179) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.RequestHandler.setFinalResult(RequestHandler.java:177) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.RequestHandler.access$2500(RequestHandler.java:46) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.RequestHandler$SpeculativeExecution.setFinalResult(RequestHandler.java:797) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.RequestHandler$SpeculativeExecution.onSet(RequestHandler.java:631) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.Connection$Dispatcher.channelRead0(Connection.java:1070) ~[cassandra-driver-core-3.1.2.jar:?]  
Caused by: com.datastax.driver.core.exceptions.InvalidQueryException: unconfigured table customerdds_69d1abd1311e7423d7d62b15e28b2ae0  
at com.datastax.driver.core.Responses$Error.asException(Responses.java:136) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.SessionManager$4.apply(SessionManager.java:220) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.datastax.driver.core.SessionManager$4.apply(SessionManager.java:196) ~[cassandra-driver-core-3.1.2.jar:?]  
at com.google.common.util.concurrent.Futures$AsyncChainingFuture.doTransform(Futures.java:1442) ~[closure-compiler-v20160911.jar:?]  
at com.google.common.util.concurrent.Futures$AsyncChainingFuture.doTransform(Futures.java:1433) ~[closure-compiler-v20160911.jar:?]  
at com.google.common.util.concurrent.Futures$AbstractChainingFuture.run(Futures.java:1408) ~[closure-compiler-v20160911.jar:?]  
at com.google.common.util.concurrent.Futures$2$1.run(Futures.java:1177) ~[closure-compiler-v20160911.jar:?]  
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) ~[?:1.7.0_75]  
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) ~[?:1.7.0_75]  

Remedy

  1. List the permissions of the Cassandra user by running the list permissions CQL command:
    cassandra@cqlsh> list all permissions of rolename
    where role_name is the name of the Cassandra user role that the DDS service uses to access your external Cassandra database.
    Result: The list permissions command returns a list of the permissions of the Cassandra user, like in the following example:
     role   | username | resource              | permission 
    --------+----------+-----------------------+------------
    rolename | rolename | <keyspace preme_data> |       DROP 
    rolename | rolename | <keyspace preme_data> |  AUTHORIZE 
    rolename | rolename | <keyspace preme_data> |     CREATE 
    rolename | rolename | <keyspace preme_data> |       DROP 
    rolename | rolename | <keyspace preme_data> |     MODIFY 
  2. In the permission column, verify that for each keyspace the Cassandra user has the following permissions:
    • create
    • alter
    • drop
    • select
    • modify
    Note: To connect to an external Cassandra database, the DDS service requires permissions for to the following keyspaces:
    • adm
    • adm_commitlog
    • aggregation
    • data
    • states
    • vbd
  3. If the Cassandra user does not have all required permissions, add the missing permissions by running the grant CQL command.
  • Previous topic Authentication error in the Decision Data Store landing page
  • Next topic Cassandra error: Too many open files

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us