db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernt M. Johnsen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-3186) Do not allow the user to create inaccessible databases
Date Thu, 08 Nov 2007 09:57:51 GMT

    [ https://issues.apache.org/jira/browse/DERBY-3186?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12541012

Bernt M. Johnsen commented on DERBY-3186:

Thanks Dan. If an external authentication provider is defined (either LDAP or a class name),
it will of course be possible to define the needed users after the fact, and the database
eill be accessible/manageable when that is done.

> Do not allow the user to create inaccessible databases
> ------------------------------------------------------
>                 Key: DERBY-3186
>                 URL: https://issues.apache.org/jira/browse/DERBY-3186
>             Project: Derby
>          Issue Type: Improvement
>            Reporter: Bernt M. Johnsen
> When dealing with users and properties, it is possible to create inaccessible or unmanageable
databases. This happens only (I think) when derby.database.propertiesOnly is set to true.
> checks should be implemented to avoid that. Examples:
> The user should not be allowed to set both derby.database.propertiesOnly and derby.connection.requireAuthentication
on database level without having defined any users on the database level. A database with
both these properties set and no users will be inaccessible.
> The user should not be allowed to set  derby.database.propertiesOnly, derby.connection.requireAuthentication
and derby.database.sqlAuthorization without the current user (which will be the database owner)
defined on the database level. A database with this settings may not be managed (properties
may not be changed, users may not be created or deleted).
> Note that its much easier to create these situations with GUI interfaces (e.g. JConsole
and JMX) than with the tedious editing of property calls and sql system routines that we currently

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message