db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Francois Orsini (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-464) Enhance Derby by adding grant/revoke support. Grant/Revoke provide finner level of privileges than currently provided by Derby that is especially useful in network configurations.
Date Wed, 26 Oct 2005 22:33:56 GMT
    [ http://issues.apache.org/jira/browse/DERBY-464?page=comments#action_12356023 ] 

Francois Orsini commented on DERBY-464:
---------------------------------------

Agreed, CREATE/DROP ROLE as well as CREATE/DROP USER are there on my list...ROLE is frequently
used out there along with Grant/Revoke - There is usually Built-in Roles and user-defined
ones.

I would also like to have a CREATE/DROP USER to enhance Derby useability for managing users
rather than what we have now which is property-based and was done in the past with the notion
of running Cloudscape/Derby embedded.

Note that you can still Grant/Revoke at the user level.

Grant/Revoke is a major feature and effort - it needs to be stagged in several phases as Saheesh
mentioned.

I could see the following major phases/steps: (which can be done in-parallel to some degree)

- Create/Drop User / Role DDL (along with metadata / system catalogs {sysusers, sysroles)

- Grant / Revoke privileges DDL (system and object ones) (sysprivileges, syspermissions)

- Grant / Revoke runtime execution (processing)

- Built-in Roles, SA user, Supoport for additional system privileges and built-in roles.

at a minimum.

We need to list the admin and object privileges we want to support in Derby and implement
them in several phases.

> Enhance Derby by adding grant/revoke support. Grant/Revoke provide finner level of privileges
than currently provided by Derby that is especially useful in network configurations.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>          Key: DERBY-464
>          URL: http://issues.apache.org/jira/browse/DERBY-464
>      Project: Derby
>         Type: New Feature
>   Components: SQL
>     Versions: 10.0.2.1, 10.1.1.0, 10.2.0.0
>  Environment: generic
>     Reporter: Satheesh Bandaram
>     Assignee: Satheesh Bandaram
>  Attachments: grant.html
>
> Derby currently provides a very simple permissions scheme, which is quite suitable for
an embedded database system. End users of embedded Derby do not see Derby directly; they talk
to a application that embeds Derby. So Derby left most of the access control work to the application.
Under this scheme, Derby limits access on a per database or per system basis. A user can be
granted full, read-only, or no access. 
> This is less suitable in a general purpose SQL server. When end users or diverse applications
can issue SQL commands directly against the database, Derby must provide more precise mechanisms
to limit who can do what with the database.
> I propose to enhance Derby by implementing a subset of grant/revoke capabilities as specified
by the SQL standard. I envision this work to involve the following tasks, at least:
> 1) Develop a specification of what capabilities I would like to add to Derby.
> 2) Provide a high level implementation scheme.
> 3) Pursue a staged development plan, with support for DDL added to Derby first.
> 4) Add support for runtime checking of these privileges.
> 5) Address migration and upgrade issues from previous releases and from old scheme to
newer database.
> Since I think this is a large task, I would like to invite any interested people to work
with me on this large and important enhancement to Derby.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message