db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manjula G Kutty <manjula.ku...@gmail.com>
Subject Re: Question about Grant/Revoke
Date Thu, 16 Mar 2006 00:25:31 GMT
Hi Satheesh,
Thanks for your reply. So that means if I put the  
'derby.database.sqlAutherization' property in the derby.property file 
can I do grant/Revoke now? Also one minor suggestion from my view, The 
functional spec talks about these property under the heading 'derby 
upgrade and migration'. Can you move that under some other meaningful  
heading?


Thanks
Manjula 


Satheesh Bandaram wrote:

>Manjula G Kutty wrote:
>
>  
>
>>Hi ,
>>I was investigating the Grant/Revoke functionality added till now. And
>>found
>>
>>0 rows inserted/updated/deleted
>>ij> grant select on t1 to mkutty;
>>ERROR 42Z60: GRANT not allowed unless database property
>>derby.database.defaultConnectionMode has value 'sqlStandard'.
>>    
>>
>
>This was the original proposal on how to ask for SQL authorization
>mode... by setting defaultConnectionMode. Following further discussion
>on the list, the functional spec has been changed say
>'derby.database.sqlAuthorization' is the way to ask for SQL
>authorization. Change in functionality hasn't been reflected in the code
>yet.
>
>  
>
>>Also to mention that if I'm not mistaken I have to put the
>>derby.database.sqlAuthorization property only for upgrading derby from
>>version10.1 right?  I came to this conclusion because I found the
>>follwing sentences on the functional spec under "*derby upgrade and
>>migration*"
>>    
>>
>
>No... Default authorization model in Derby 10.2 is still legacy mode..
>So if you create a database without setting sqlAuthorization property,
>you shouldn't be able to do GRANT/REVOKE. Only if you have the property
>set to true, SQL authorization would be enforced. This is to maintain
>backwards compatibility.
>
>Satheesh
>
>  
>
>>http://issues.apache.org/jira/secure/attachment/12324061/grantRevokeSpec_v2.html
>>
>>
>><quote>
>>When a database is created, if derby.database.sqlAuthorization
>>property value is true, the database gets created with standard
>>security mode, enabling grant and revoke. This property could be set
>>either as a system property in derby.properties file or as application
>>property.
>></quote>
>>
>>But the following lines caught my attention
>>
>><quote>
>>It may be good to switch the default connection mode to standard model
>>and hence support grant/revoke by default in future releases.
>></quote>
>>
>>Is this being implemented?
>>
>>Can any one please clarify?
>>
>>Thanks
>>Manjula
>>
>>
>>
>>
>>    
>>
>
>
>  
>


Mime
View raw message