db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Knut Anders Hatlen <Knut.Hat...@Sun.COM>
Subject Re: SQLAuthorisation and role permissions
Date Thu, 22 Apr 2010 07:03:50 GMT
On 04/21/10 11:06 PM, Thomas wrote:
> Hi,
>
> I have trouble understanding why the following doesn't work as expected:
>
> I have secured an embedded data base by requiring authenification and
> using SQL Authorisation.
>
> Authentification is working as I expected; SQL Authorisation not or only
> partially. 
> When loggin in as database owner and granting select permission on a view
> to a user X, then loggin off and loggin back in as user X
> => data can be selected from the view as expected.
> However when creating a role, granting select permission to that role (for 
> all columns on the view, so no colum list specified) and then
> granting the role to user X - then, when logging in a user X, I am getting an 
> error that user X doesn't have select permission on the first column in the 
> view. My expectation is that user X via having been granted the role should
> be able to select data from the view

Hi Thomas,

The user also needs to assume the role, using the SET ROLE statement, in
order to get the privileges granted to the role.
http://db.apache.org/derby/docs/10.5/ref/rrefsetrole.html

-- 
Knut Anders


Mime
View raw message