db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-866) Derby User Management Enhancements
Date Fri, 09 Dec 2011 19:40:40 GMT

    [ https://issues.apache.org/jira/browse/DERBY-866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13166484#comment-13166484
] 

Rick Hillegas commented on DERBY-866:
-------------------------------------

Hi Mike,

Thanks for thinking about this proposal. I would like to begin addressing your comments.

NATIVE authentication introduces two new conglomerates, the SYSUSERS heap and a primary key
index on its USERNAME column. On my system, taking default page sizes, those empty conglomerates
take up 16K space on disk. I believe that is noise compared to the 1.8M consumed by the entire
empty Derby database. I don't see much value in optimizing out that noise.

However, some day we may want to seriously slim down the size of our empty database. If we
want to do that, then I could see value in building a mechanism which creates certain catalogs
only if they are actually needed. The following catalogs would be targets for this mechanism.
All of these catalogs start out empty and will never have any tuples unless the application
uses the indicated features:

SQL Authorization catalogs:

    sys.syscolperms
    sys.sysperms
    sys.sysroles
    sys.systableperms

SQL Routines:

    sys.sysfiles

Sequences:

    sys.syssequences

NATIVE authentication:

    sys.sysusers

Views:

    sys.sysviews

Thanks,
-Rick

                
> Derby User Management Enhancements
> ----------------------------------
>
>                 Key: DERBY-866
>                 URL: https://issues.apache.org/jira/browse/DERBY-866
>             Project: Derby
>          Issue Type: Improvement
>          Components: Services
>    Affects Versions: 10.2.1.6
>            Reporter: Francois Orsini
>            Assignee: Rick Hillegas
>         Attachments: Derby_User_Enhancement.html, Derby_User_Enhancement_v1.1.html, DummyAuthenticator.java,
UserManagement.html, UserManagement.html, UserManagement.html, derby-866-01-aa-sysusers.diff,
derby-866-01-ab-sysusers.diff, dummyCredentials.properties
>
>
> Proposal to enhance Derby's Built-In DDL User Management. (See proposal spec attached
to the JIRA).
> Abstract:
> This feature aims at improving the way BUILT-IN users are managed in Derby by providing
a more intuitive and familiar DDL interface. Currently (in 10.1.2.1), Built-In users can be
defined at the system and/or database level. Users created at the system level can be defined
via JVM or/and Derby system properties in the derby.properties file. Built-in users created
at the database level are defined via a call to a Derby system procedure (SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY)
which sets a database property.
> Defining a user at the system level is very convenient and practical during the development
phase (EOD) of an application - However, the user's password is not encrypted and consequently
appears in clear in the derby.properties file. Hence, for an application going into production,
whether it is embedded or not, it is preferable to create users at the database level where
the password is encrypted.
> There is no real ANSI SQL standard for managing users in SQL but by providing a more
intuitive and known interface, it will ease Built-In User management at the database level
as well as Derby's adoption.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message