db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Db-derby Wiki] Update of "GrantRevokeImplementation" by DanDebrunner
Date Thu, 27 Jul 2006 18:19:49 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Db-derby Wiki" for change notification.

The following page has been changed by DanDebrunner:
http://wiki.apache.org/db-derby/GrantRevokeImplementation

------------------------------------------------------------------------------
      a. !DataDictionary is repsonsible for everything, has methods which are passed `StatementPermission`
and all logic below the covers. E.g. isGranted(StatementPermission), addGrantedPermission(StatementPermission,
String grantor, String grantee). Is this pushing too much in to the data dictonary, whose
role is really just storing SQL catalog objects.
      a. Logic on how to handle permissions is spread across the data dictionary and other
code (e.g. !CompilerContextImpl). This seems to be where to code is today.
  
+ = Two modes =
+ 
+  1. derby.database.sqlAuthorization=false - No fine grained authorization, any user can
access any object
+  1. derby.database.sqlAuthorization=true - Fine-grained authorization, non-owner of an object
must be granted
+ 
+ || '''derby.database.sqlAuthorization''' || authentication enabled || CREATE SCHEMA || ACCESS
OTHER OBJECTS || SECURE || Comments ||
+ ||  false (traditional Derby) || No || Yes || Yes || No || ||
+ || || Yes || Yes || Yes || No || Authenticated users can modify any table etc. ||
+ || true (GRANT/REVOKE) || No || limited to single schema matching username for non-database
owner || controlled by GRANT|| No || No authentication means user can log in as database owner
if database owner name can be determined. [http://issues.apache.org/jira/browse/DERBY-1543
DERBY-1543] will add a warning if GRANT is executed without authentication enabled. ||
+ || || Yes || limited to single schema matching username for non-database owner || controlled
by GRANT|| Yes || ||
+ 

Mime
View raw message