[DERBY-3673] Add checks that a new role isn't already a user authorization id - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.5.1.1
Component/s: SQL
Labels:
None

Description

Derby current does not have dictionary information about legal users.
Authentication is configurable as being derby internal, LDAP based, or
user supplied.

SQL specifies that user ids and role names go in the same namespace
(authorization ids). Therefore, at role creation time, a new role
name should be checked against legal users for this database, and be
defined if there is already a user id by that name.

Unfortunately, since there is currently no reliable dictionary
information about legal users, the best we can do presently is perform
heuristic checks that a proposed role id is not already a user id.

Since the check can not not reliable, we should also add a check to
prohibit conncting with a user id that is a known role id.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

derby-3673-5.diff
04/Sep/08 18:10
5 kB
Dag H. Wanvik
derby-3673-4.diff
22/May/08 18:34
0.7 kB
Dag H. Wanvik
derby-3673-3a-javadoc_fixes.diff
21/May/08 09:56
4 kB
Kristian Waagan
derby-3673-3.diff
22/May/08 00:04
0.6 kB
Dag H. Wanvik
derby-3673-2.stat
19/May/08 16:21
0.6 kB
Dag H. Wanvik
derby-3673-2.diff
19/May/08 16:21
43 kB
Dag H. Wanvik
derby-3673-1.stat
13/May/08 15:17
0.4 kB
Dag H. Wanvik
derby-3673-1.diff
13/May/08 15:17
27 kB
Dag H. Wanvik
derby-3673-1.diff
13/May/08 17:14
27 kB
Dag H. Wanvik

Activity

People

Assignee:: Dag H. Wanvik

Reporter:: Dag H. Wanvik

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 13/May/08 14:42

Updated:: 04/May/09 18:22

Resolved:: 20/May/08 18:41