Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 35253 invoked from network); 26 Aug 2008 17:49:35 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 26 Aug 2008 17:49:35 -0000 Received: (qmail 63229 invoked by uid 500); 26 Aug 2008 17:49:33 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 63197 invoked by uid 500); 26 Aug 2008 17:49:33 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 63184 invoked by uid 99); 26 Aug 2008 17:49:33 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 26 Aug 2008 10:49:33 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 26 Aug 2008 17:48:44 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 53A16234C1B1 for ; Tue, 26 Aug 2008 10:48:44 -0700 (PDT) Message-ID: <129446612.1219772924341.JavaMail.jira@brutus> Date: Tue, 26 Aug 2008 10:48:44 -0700 (PDT) From: "Dag H. Wanvik (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Updated: (DERBY-3223) SQL roles: make use of privileges granted to roles in actual privilege checking In-Reply-To: <32775328.1195739983462.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-3223?page=3Dcom.atlassia= n.jira.plugin.system.issuetabpanels:all-tabpanel ] Dag H. Wanvik updated DERBY-3223: --------------------------------- Attachment: derby-3223-invalidate-activations-1.stat derby-3223-invalidate-activations-1.diff Uploading a new patch, derby-3223-invalidate-activations-1 for review; regressions ran ok. This patch changes the way we handle what happens in the following situation: A session has a current role set. A prepared statement has been executed which relies on the current role to get the necessary privileges. Then, if the current role changes, we need to re-check if sufficient privileges are still in place. Currently, this is being handled by invalidating the compiled plan of the prepared statement, causing all activations of the prepared statement to be discarded. The checking happens the first time the prepared statement is used in a session, i.e. when the activation is constructed. So, invalidated the compiled plans (shared across sessions) is a sufficient, but heavy-handed way of forcing a re-check in the session which changed its current role. This patch does away with this, instead marking the activation as invalid when the current role changes. So, the next time execution of the prepared statement is attempted, the activation is recreated for the session context. This is quicker for the current session that recompiling the execution plan, and also shields other sessions from having to recreate their activation. Any open result sets will remain usable as before, since these remain open; even though the old (base)activation is no longer referenced from the GenericActivationHolder, there is a reference to the old activation from the result set, so it stays alive. It is only the next execute of the prepared statement after a SET ROLE that we will notice if privileges are now insufficient. This is the same behavior as before (and the same behavior as other privilege revokes). I have tried to check that this new method is safe, but please don't assume anything. It should be thread safe, since only the current session's thread is involved. Since this is just an optimization, the role tests are unmodified. > SQL roles: make use of privileges granted to roles in actual privilege ch= ecking > -------------------------------------------------------------------------= ------ > > Key: DERBY-3223 > URL: https://issues.apache.org/jira/browse/DERBY-3223 > Project: Derby > Issue Type: Task > Components: Security, SQL > Reporter: Dag H. Wanvik > Assignee: Dag H. Wanvik > Fix For: 10.5.0.0 > > Attachments: derby-3223-1a.diff, derby-3223-1a.stat, derby-3223-1= b.diff, derby-3223-1b.stat, derby-3223-1c.diff, derby-3223-1c.stat, derby-3= 223-1d.diff, derby-3223-1d.stat, derby-3223-activate-roles-1.diff, derby-32= 23-activate-roles-1.stat, derby-3223-activate-roles-2.diff, derby-3223-acti= vate-roles-2.stat, derby-3223-activate-roles-2b.diff, derby-3223-activate-r= oles-2b.stat, derby-3223-invalidate-activations-1.diff, derby-3223-invalida= te-activations-1.stat, derby-3223-revise-iterator-api-b.diff, derby-3223-re= vise-iterator-api-b.stat, derby-3223-revise-iterator-api.diff, derby-3223-r= evise-iterator-api.stat, derby-3223-revocation-logic-1.diff, derby-3223-rev= ocation-logic-1.stat, derby-3223-revocation-logic-2.diff, derby-3223-revoca= tion-logic-2.stat, derby-3223-revocation-logic-2.txt, derby-3223-revocation= -logic-3.diff, derby-3223-revocation-logic-3.stat, derby-3223-revocation-lo= gic-4.diff, derby-3223-revocation-logic-4.stat, derby-3223-revocation-logic= -5.diff, derby-3223-revocation-logic-5.stat, roles.sql, roles2.sql, roles3.= sql > > > Pushing out to 10.5 --=20 This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.