db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Satheesh Bandaram <sathe...@Sourcery.Org>
Subject Re: Grant -revoke (464) and future backwards compat
Date Fri, 17 Feb 2006 07:59:54 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<body bgcolor="#ffffff" text="#000000">
Daniel John Debrunner wrote:<br>
<blockquote cite="mid43F4ECB5.2060206@apache.org" type="cite">
  <pre wrap="">The reason that grant/revoke (DERBY-464) has to add a mode


is that the grant/revoke requires a different access model to Derby's
current model.
I am still not satisfied this is the right way to switch authorization
models. Could having a system procedure to switch mode from legacy
authorization to standard authorization be better? This property can
only be changed from <b>false </b>to <b>true </b>and need special
code to ensure this.<br>
<blockquote cite="mid43F4ECB5.2060206@apache.org" type="cite">
  <pre wrap="">
I'd like to ensure that we don't need to introduce another mode switch
in a future release, related to this area. Ending up several releases
from now with these properties would be bad

10.3 derby.database.sqlAuthorizationWeReallyMeanItThisTime={true|false}

10.4 derby.database.sqlAuthorizationOKMaybeThisTime={true|false}

This is a problem... I think it would be wise to advise users to follow
SQL standard mode of operation or any other that we may enhance derby
to in the future.<br>
<blockquote cite="mid43F4ECB5.2060206@apache.org" type="cite">
  <pre wrap="">
Maybe there's other work that needs to be done to avoid jarring mode
switches in the future.

The alternative is to document, for 10.2, when


that behaviour may change in the future, be warned (with possible examples).
It should be ok to document recommended practices... no?<br>

View raw message