[
https://issues.apache.org/jira/browse/DERBY-3146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13604804#comment-13604804
]
Trejkaz commented on DERBY-3146:
--------------------------------
Can we get this back-ported to the 10.8 series?
> Adjust length restriction on user identifiers (authorization ids) to same as
> other identifiers
> ----------------------------------------------------------------------------------------------
>
> Key: DERBY-3146
> URL: https://issues.apache.org/jira/browse/DERBY-3146
> Project: Derby
> Issue Type: Improvement
> Components: JDBC, SQL
> Affects Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1,
> 10.2.1.6, 10.2.2.0, 10.3.1.4, 10.3.2.1, 10.3.3.0, 10.4.1.3, 10.4.2.0,
> 10.5.1.1, 10.5.2.0, 10.5.3.0, 10.6.1.0, 10.6.2.1, 10.7.1.1, 10.8.1.2, 10.8.2.2
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Priority: Minor
> Fix For: 10.9.1.0
>
> Attachments: DERBY-3146.diff, DERBY-3146.stat
>
>
> While working on roles, I notice that there is a max size of 30 on
> user ids in derby (authorization identifiers), e.g. the check being
> performed in the parser:
> private void checkAuthorizationLength( String authorization)
> :
> checkIdentifierLengthLimit( authorization, Limits.DB2_MAX_USERID_LENGTH);
> :
> where Limits.DB2_MAX_USERID_LENGTH == 30. I have checked, and I don't
> think there are any fundamental reasons why Derby can't lift this DB2
> restriction: Then authorization identifiers would have the same max
> limit as other identifiers: 128 (Limits.MAX_IDENTIFIER_LENGTH).
> Currently, this limit of 30 is enforced for GRANT/REVOKE, i.e. for the
> grantees.
> However, in the CREATE SCHEMA statement, the clause
> AUTHORIZATION <authorization identifier>
> which allows specifying a schema's owner, is *not* subject to this
> restriction. This is also reflected in the reference documentation for
> system tables:
>
> SYS.SYSCHEMAS:
> Column Name Type Length Nullability Contents
> -------------------------------------------------------------------
> AUTHORIZATIONID VARCHAR 128 false the authorization
> identifier of the
> owner of the schema
> SYS.SYSTABLEPERMS:
> Column Name Type Length Nullability Contents
> -------------------------------------------------------------------
> GRANTEE VARCHAR 30 False The authorization ID
> of the user to whom
> the privilege is
> granted.
> Furthermore, the limit is enforced in the authorizer code
> (AuthorizationServiceBase#authenticate). It is also reflected in the
> metadata: EmbedDatabaseMetaData#getMaxUserNameLength.
> I think it would be good to harmonize these two different limits for
> authorization identifier and change the limit to 128
> (Limits.MAX_IDENTIFIER_LENGTH).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
