Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-3327

SQL roles: Implement authorization stack (and SQL session context to hold it)

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 10.5.1.1
    • Component/s: SQL
    • Labels:
      None
    • Issue & fix info:
      Release Note Needed
    • Bug behavior facts:
      Security

      Description

      The current LanguageConnectionContext keeps the user authorization identifier for an SQL session.
      The lcc is shared context also for nested connections (opened from stored procedures).
      So far, for roles, the current role has been stored in the lcc also. However, SQL requires that
      authorization identifers be pushed on a "authorization stack" when calling a stored procedure, cf.
      SQL 2003, vol 2, section 4.34.1.1 and 4.27.3 and 10.4 GR 5h and i.
      This allows a caller to keep its current role after a call even if changed by the stored procedure.

      This issue will implement the current role name part ("cell") of the authorization stack.

      The authorization stack will be implemented as part of the SQL session context.
      The patch will also implement the pushing of the current unqualified schema name part of
      the SQL session context, cf. 10.4 GR 5a (DERBY-1331).

        Attachments

        1. DERBY-3327-6.stat
          0.1 kB
          Dag H. Wanvik
        2. DERBY-3327-6.diff
          0.7 kB
          Dag H. Wanvik
        3. derby-3327-5a-extracted_initial_schema_patch.diff
          3 kB
          Kristian Waagan
        4. DERBY-3327-4-full-e-10_4.stat
          2 kB
          Dag H. Wanvik
        5. DERBY-3327-4-full-e-10_4.diff
          86 kB
          Dag H. Wanvik
        6. releaseNote.html
          3 kB
          Dag H. Wanvik
        7. DERBY-3327-4-full-e.stat
          2 kB
          Dag H. Wanvik
        8. DERBY-3327-4-full-e.diff
          86 kB
          Dag H. Wanvik
        9. DERBY-3327-4-full-d.stat
          2 kB
          Dag H. Wanvik
        10. DERBY-3327-4-full-d.diff
          86 kB
          Dag H. Wanvik
        11. DERBY-3327-4-full-c.stat
          2 kB
          Dag H. Wanvik
        12. DERBY-3327-4-full-c.diff
          85 kB
          Dag H. Wanvik
        13. DERBY-3327-4-full-b.stat
          2 kB
          Dag H. Wanvik
        14. DERBY-3327-4-full-b.diff
          85 kB
          Dag H. Wanvik
        15. DERBY-3327-4-full.stat
          2 kB
          Dag H. Wanvik
        16. DERBY-3327-4-full.diff
          85 kB
          Dag H. Wanvik
        17. DERBY-3327-3.stat
          0.8 kB
          Dag H. Wanvik
        18. DERBY-3327-3.diff
          27 kB
          Dag H. Wanvik
        19. DERBY-3327-1.stat
          0.8 kB
          Dag H. Wanvik
        20. DERBY-3327-2.stat
          0.8 kB
          Dag H. Wanvik
        21. DERBY-3327-1.diff
          28 kB
          Dag H. Wanvik
        22. DERBY-3327-2.diff
          28 kB
          Dag H. Wanvik

          Issue Links

            Activity

              People

              • Assignee:
                dagw Dag H. Wanvik
                Reporter:
                dagw Dag H. Wanvik
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: