db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Created: (DERBY-3333) User name corresponding to authentication identifier PUBLIC must be rejected
Date Fri, 18 Jan 2008 20:12:35 GMT
User name corresponding to authentication identifier PUBLIC must be rejected
----------------------------------------------------------------------------

                 Key: DERBY-3333
                 URL: https://issues.apache.org/jira/browse/DERBY-3333
             Project: Derby
          Issue Type: Bug
          Components: Security, SQL
    Affects Versions: 10.3.2.1, 10.3.1.4, 10.2.2.0, 10.2.1.6, 10.1.3.1, 10.1.2.1, 10.1.1.0,
10.0.2.1, 10.0.2.0, 10.4.0.0
            Reporter: Daniel John Debrunner


SQL Standard (foundation) says:

Section 5.4 SR 20) No <authorization identifier> shall specify "PUBLIC".

This is a syntax rule which implies a 42xxx SQL state but I wonder if 'invalid authorization
specification.' (28xxx) makes more sense?
Maybe it's 28xxx when used in a connection request and 42xxx in a SQL statement?

Needs to be disallowed on:
  JDBC connection requests
  GRANT statements, ie. using "PUBLIC" as a delimited identifier.

Existing application impact if the exists a user with an authorization identifier of PUBLIC
in an existing system.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message