db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mamta A. Satoor (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DERBY-4162) SQL Roles - Add the possibility for a default role for each user
Date Sun, 30 Sep 2012 01:30:09 GMT

     [ https://issues.apache.org/jira/browse/DERBY-4162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Mamta A. Satoor updated DERBY-4162:

    Labels: derby_triage10_10  (was: )
> SQL Roles - Add the possibility for a default role for each user
> ----------------------------------------------------------------
>                 Key: DERBY-4162
>                 URL: https://issues.apache.org/jira/browse/DERBY-4162
>             Project: Derby
>          Issue Type: Improvement
>          Components: SQL
>            Reporter: Tiago R. Espinha
>            Priority: Minor
>              Labels: derby_triage10_10
> We should have the ability to set a role (or several roles) as the default role(s) for
a user. This should also be kept optional, that is we should be able to have the behavior
described in the standard: roles can be selected manually through the SET ROLE.
> Dag said on the list that there is room for having this added functionality, in the sense
that it does not collide with what the standard stipulates.
> Additionally, I have a suggestion. While the implementation of this feature is vendor-based,
I believe that Oracle's approach on it is a very user-friendly and intuitive one. On Oracle
we can set several default roles and all these will be enabled by default. The user can then
manually disable certain roles after they start a session, but the crucial point is that these
are enabled by default.
> I do not think there is any security risk involved here, as if the role is there and
it is available to the user, then they are permissions that the user owns anyway. In a real
world scenario I believe that the most common behavior is having a role per user, which lessens
any security concerns even further.
> Here's an overview of how the roles work on Oracle:
> http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_10004.htm

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message