[DERBY-3327] SQL roles: Implement authorization stack (and SQL session context to hold it) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.5.1.1
Component/s: SQL
Labels:
None

Issue & fix info:

Release Note Needed
Bug behavior facts:

Security

Description

The current LanguageConnectionContext keeps the user authorization identifier for an SQL session.
The lcc is shared context also for nested connections (opened from stored procedures).
So far, for roles, the current role has been stored in the lcc also. However, SQL requires that
authorization identifers be pushed on a "authorization stack" when calling a stored procedure, cf.
SQL 2003, vol 2, section 4.34.1.1 and 4.27.3 and 10.4 GR 5h and i.
This allows a caller to keep its current role after a call even if changed by the stored procedure.

This issue will implement the current role name part ("cell") of the authorization stack.

The authorization stack will be implemented as part of the SQL session context.
The patch will also implement the pushing of the current unqualified schema name part of
the SQL session context, cf. 10.4 GR 5a (~~DERBY-1331~~).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

DERBY-3327-1.diff
19/Jan/08 00:07
28 kB
Dag H. Wanvik
DERBY-3327-1.stat
19/Jan/08 00:24
0.8 kB
Dag H. Wanvik
DERBY-3327-2.diff
19/Jan/08 00:00
28 kB
Dag H. Wanvik
DERBY-3327-2.stat
19/Jan/08 00:24
0.8 kB
Dag H. Wanvik
DERBY-3327-3.diff
21/Jan/08 16:05
27 kB
Dag H. Wanvik
DERBY-3327-3.stat
21/Jan/08 16:05
0.8 kB
Dag H. Wanvik
DERBY-3327-4-full.diff
18/Feb/08 17:41
85 kB
Dag H. Wanvik
DERBY-3327-4-full.stat
18/Feb/08 17:41
2 kB
Dag H. Wanvik
DERBY-3327-4-full-b.diff
19/Feb/08 00:30
85 kB
Dag H. Wanvik
DERBY-3327-4-full-b.stat
19/Feb/08 00:30
2 kB
Dag H. Wanvik
DERBY-3327-4-full-c.diff
19/Feb/08 23:12
85 kB
Dag H. Wanvik
DERBY-3327-4-full-c.stat
19/Feb/08 23:12
2 kB
Dag H. Wanvik
DERBY-3327-4-full-d.diff
28/Mar/08 18:13
86 kB
Dag H. Wanvik
DERBY-3327-4-full-d.stat
28/Mar/08 18:13
2 kB
Dag H. Wanvik
DERBY-3327-4-full-e.diff
01/Apr/08 13:12
86 kB
Dag H. Wanvik
DERBY-3327-4-full-e.stat
01/Apr/08 13:12
2 kB
Dag H. Wanvik
DERBY-3327-4-full-e-10_4.diff
28/May/08 21:52
86 kB
Dag H. Wanvik
DERBY-3327-4-full-e-10_4.stat
28/May/08 21:52
2 kB
Dag H. Wanvik
derby-3327-5a-extracted_initial_schema_patch.diff
30/May/08 14:33
3 kB
Kristian Waagan
DERBY-3327-6.diff
03/Jun/08 22:53
0.7 kB
Dag H. Wanvik
DERBY-3327-6.stat
03/Jun/08 22:53
0.1 kB
Dag H. Wanvik
releaseNote.html
02/Apr/08 14:59
3 kB
Dag H. Wanvik

Issue Links

is depended upon by

DERBY-3690 EmbedPooledConnection doesn't reset schema when creating a new logical connection

Closed

is part of

DERBY-2207 Improve usability of Derby's client/server security by implementing ANSI Roles

Closed

relates to

DERBY-1331 Derby's "set schema" behavior is not compliant with SQL 2003 Foundation spec.

Closed

DERBY-3897 SQLSessionContext not correctly initialized in some non-method call nested contexts

Closed

DERBY-4551 Allow database user to execute stored procedures with same permissions as database owner and/or routine definer

Closed

Activity

People

Assignee:: Dag H. Wanvik

Reporter:: Dag H. Wanvik

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 17/Jan/08 17:14

Updated:: 19/Sep/10 23:32

Resolved:: 07/Jul/08 08:36