Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 87422 invoked from network); 21 Feb 2008 19:00:57 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 21 Feb 2008 19:00:57 -0000 Received: (qmail 88641 invoked by uid 500); 21 Feb 2008 19:00:51 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 88605 invoked by uid 500); 21 Feb 2008 19:00:51 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 88596 invoked by uid 99); 21 Feb 2008 19:00:51 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Feb 2008 11:00:51 -0800 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [69.147.64.88] (HELO smtp115.sbc.mail.sp1.yahoo.com) (69.147.64.88) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 21 Feb 2008 19:00:05 +0000 Received: (qmail 97879 invoked from network); 21 Feb 2008 19:00:24 -0000 Received: from unknown (HELO ?192.168.254.144?) (ddebrunner@sbcglobal.net@67.116.253.30 with plain) by smtp115.sbc.mail.sp1.yahoo.com with SMTP; 21 Feb 2008 19:00:23 -0000 X-YMail-OSG: BmdgHfoVM1lJHLXorD9FRASxAUGl3HcMt6g4s3y3pp2p21Akisr.ZaUTmwCBQ52SiH7Etsf41w-- X-Yahoo-Newman-Property: ymail-3 Message-ID: <47BDCA49.7070808@apache.org> Date: Thu, 21 Feb 2008 11:00:25 -0800 From: Daniel John Debrunner User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: derby-dev@db.apache.org Subject: Re: JMX Access Control Proposal References: <47BDB1E1.5050601@Sun.COM> <47BDBA96.5050202@apache.org> <47BDC375.50003@Sun.COM> In-Reply-To: <47BDC375.50003@Sun.COM> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org John Embretsen wrote: > There are two types of user authorization in Derby, connection > authorization and SQL authorization. Connection authorization specifies > the access that users have to connect to a system or database." > > I was (am) not sure what a system means in this context, and how that is > possibly different from a database / JDBC connection request. That might be a doc bug, since connection authorization really only applies to the state of a JDBC connection. I'm not sure though if a system connection (e.g. jdbc:derby:;shutdown=true) goes through connection authorization, I thought it was only database connections but I could be wrong. Dan.