Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 6887 invoked from network); 29 Jan 2008 21:19:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 29 Jan 2008 21:19:00 -0000 Received: (qmail 35897 invoked by uid 500); 29 Jan 2008 21:18:50 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 35863 invoked by uid 500); 29 Jan 2008 21:18:50 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 35854 invoked by uid 99); 29 Jan 2008 21:18:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 Jan 2008 13:18:50 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 Jan 2008 21:18:43 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 4BAAB714256 for ; Tue, 29 Jan 2008 13:18:35 -0800 (PST) Message-ID: <9928119.1201641515306.JavaMail.jira@brutus> Date: Tue, 29 Jan 2008 13:18:35 -0800 (PST) From: "Dag H. Wanvik (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-2207) Improve usability of Derby's client/server security by implementing ANSI Roles In-Reply-To: <3404894.1167844227677.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-2207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12563673#action_12563673 ] Dag H. Wanvik commented on DERBY-2207: -------------------------------------- Re: changing current role after a prepare of a statement. I am working on code to register dependencies of prepared statements (or just the activation?) as well as triggers, views and constraints, of one (or more) roles being depended on (for the authorization check to succeed), cf. discussion in DERBY-3223. I think the changing of the current role (or dropping of a role which the ps depends on) should invalidate the (activation of) the prepared statement here, forcing a re-check at the second execute. > Improve usability of Derby's client/server security by implementing ANSI Roles > ------------------------------------------------------------------------------ > > Key: DERBY-2207 > URL: https://issues.apache.org/jira/browse/DERBY-2207 > Project: Derby > Issue Type: New Feature > Components: Security, SQL > Reporter: Rick Hillegas > Assignee: Dag H. Wanvik > Attachments: spec.html, spec.html, spec.html, spec.html, spec.html, spec.html > > > Implementing ANSI Roles will make it easier to manage security for multi-user applications with high user turnover. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.