db-derby-dev mailing list archives

From John Embretsen <John.Embret...@Sun.COM>
Subject Re: JMX Access Control Proposal
Date Thu, 21 Feb 2008 18:31:17 GMT
Daniel John Debrunner wrote:
> If a JMX action does not require obtaining a JDBC connection to the 
> database then I would say db-authr is not applicable (which appears 
> similar to being ignored). db-authr defines the state of a user's JDBC 
> connection into the database (it's now called connection level 
> authorization), thus it can only apply if a connection is being obtained.

That makes sense to me as well. I think I have been somewhat confused about when 
Derby's user authorization should apply. For example, the Developer's Guide says 
[1]:

"When you specify user authorizations, Derby verifies that a user has been 
granted permission to access a system, database, object, or SQL action.

There are two types of user authorization in Derby, connection authorization and 
SQL authorization. Connection authorization specifies the access that users have 
to connect to a system or database."

I was (am) not sure what a system means in this context, and how that is 
possibly different from a database / JDBC connection request.

> I'm also assuming that the required expectation is followed at all times 
> (from the wiki):
> 
>  "A valid JMX user (a user able to connect via JMX to Derby's 
> MBeanServer) must not be able to access information or perform 
> operations that would otherwise be restricted by Derby's existing 
> security mechanisms (authentication, authorization, Security Manager, 
> etc.)."

Right, thanks for clarifying...

[snip]
> I'm using database authentication to mean the check that is invoked at 
> the database level (JDBC connection request) regardless of how it is 
> configured.

Ah, I see.

> You are using the term system authentication to mean the check that is 
> invoked at the database level if it is configured using system 
> properties (which I agree *may* have the authentication as the system 
> one, an application's implementation of authentication could implement 
> different checks based upon being system or database).

I almost think I know what you mean...
I'll give myself some time to chew on this and come back with more questions if 
I'm still fuzzy regarding that last part ;)

> Either way, I think we agree to connect to a database only a single 
> authentication step is required.

True.

Thanks!

[1]: http://db.apache.org/derby/docs/dev/devguide/cdevcsecure36595.html

-- 
John
