Return-Path: X-Original-To: apmail-db-derby-dev-archive@www.apache.org Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AC672956E for ; Wed, 9 May 2012 22:08:11 +0000 (UTC) Received: (qmail 35438 invoked by uid 500); 9 May 2012 22:08:10 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 35370 invoked by uid 500); 9 May 2012 22:08:10 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 35174 invoked by uid 99); 9 May 2012 22:08:10 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 May 2012 22:08:10 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 May 2012 22:08:09 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id E101348F1E7 for ; Wed, 9 May 2012 22:07:48 +0000 (UTC) Date: Wed, 9 May 2012 22:07:48 +0000 (UTC) From: "Kim Haase (JIRA)" To: derby-dev@db.apache.org Message-ID: <469034899.46640.1336601268923.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Commented] (DERBY-3146) Adjust length restriction on user identifiers (authorization ids) to same as other identifiers MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-3146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13271866#comment-13271866 ] Kim Haase commented on DERBY-3146: ---------------------------------- I'm not sure that a documentation patch will be needed, since we have been documenting the relevant table columns as being VARCHAR(128) since (I think?) 10.5. (If there are any places where we say user names are limited to 30 characters, though, we'd better fix them; I haven't found any.) I don't think we have ever documented the return value of DataBaseMetaData#getMaxUserNameLength, so we certainly don't need more than a release note for that. > Adjust length restriction on user identifiers (authorization ids) to same as other identifiers > ---------------------------------------------------------------------------------------------- > > Key: DERBY-3146 > URL: https://issues.apache.org/jira/browse/DERBY-3146 > Project: Derby > Issue Type: Improvement > Components: SQL > Reporter: Dag H. Wanvik > Assignee: Dag H. Wanvik > Priority: Minor > Attachments: DERBY-3146.diff, DERBY-3146.stat > > > While working on roles, I notice that there is a max size of 30 on > user ids in derby (authorization identifiers), e.g. the check being > performed in the parser: > private void checkAuthorizationLength( String authorization) > : > checkIdentifierLengthLimit( authorization, Limits.DB2_MAX_USERID_LENGTH); > : > where Limits.DB2_MAX_USERID_LENGTH == 30. I have checked, and I don't > think there are any fundamental reasons why Derby can't lift this DB2 > restriction: Then authorization identifiers would have the same max > limit as other identifiers: 128 (Limits.MAX_IDENTIFIER_LENGTH). > Currently, this limit of 30 is enforced for GRANT/REVOKE, i.e. for the > grantees. > However, in the CREATE SCHEMA statement, the clause > AUTHORIZATION > which allows specifying a schema's owner, is *not* subject to this > restriction. This is also reflected in the reference documentation for > system tables: > > SYS.SYSCHEMAS: > Column Name Type Length Nullability Contents > ------------------------------------------------------------------- > AUTHORIZATIONID VARCHAR 128 false the authorization > identifier of the > owner of the schema > SYS.SYSTABLEPERMS: > Column Name Type Length Nullability Contents > ------------------------------------------------------------------- > GRANTEE VARCHAR 30 False The authorization ID > of the user to whom > the privilege is > granted. > Furthermore, the limit is enforced in the authorizer code > (AuthorizationServiceBase#authenticate). It is also reflected in the > metadata: EmbedDatabaseMetaData#getMaxUserNameLength. > I think it would be good to harmonize these two different limits for > authorization identifier and change the limit to 128 > (Limits.MAX_IDENTIFIER_LENGTH). -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira