db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dag H. Wanvik (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2207) Improve usability of Derby's client/server security by implementing ANSI Roles
Date Thu, 03 Jan 2008 12:26:34 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12555545#action_12555545
] 

Dag H. Wanvik commented on DERBY-2207:
--------------------------------------

Yes, that's how I read it too. It is not implemented yet; not sure how
to do it, lcc (LanguageConnectionContext) is shared between root and nested
connections, but seemed the natural place for holding current role.
The authorization stack that the standard prescribes would need to be
implemented somehow. 

Btw, it would seem we need this for running with definer's right
(stored procedures) as well? (if we want to allow that in future, I
see vol 13, section 4.10 says its implementation defined.)

Is setting isolation level currently persistent beyond a nested
connection?


> Improve usability of Derby's client/server security by implementing ANSI Roles
> ------------------------------------------------------------------------------
>
>                 Key: DERBY-2207
>                 URL: https://issues.apache.org/jira/browse/DERBY-2207
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Rick Hillegas
>            Assignee: Dag H. Wanvik
>         Attachments: spec.html, spec.html, spec.html, spec.html, spec.html
>
>
> Implementing ANSI Roles will make it easier to manage security for multi-user applications
with high user turnover.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message