[ http://issues.apache.org/jira/browse/DERBY-464?page=all ]
Mamta A. Satoor updated DERBY-464: ---------------------------------- Derby Info: [Patch Available] > Enhance Derby by adding grant/revoke support. Grant/Revoke provide finner > level of privileges than currently provided by Derby that is especially > useful in network configurations. > ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: DERBY-464 > URL: http://issues.apache.org/jira/browse/DERBY-464 > Project: Derby > Issue Type: New Feature > Components: SQL > Affects Versions: 10.0.2.1, 10.1.1.0, 10.2.0.0 > Environment: generic > Reporter: Satheesh Bandaram > Assigned To: Satheesh Bandaram > Fix For: 10.2.0.0 > > Attachments: changeDescriptionPartII, grantRevoke.patch.Dec5, > grantRevoke.stat.Dec5, GrantRevokePartII.stat, GrantRevokePartII.txt, > GrantRevokePartII.txt, grantRevokeSpec.html, grantRevokeSpec_v2.html, > grantRevokeSpec_v3.html, grantRevokeSpec_v4.html, Privileges.java, > Privileges2.java > > > Derby currently provides a very simple permissions scheme, which is quite > suitable for an embedded database system. End users of embedded Derby do not > see Derby directly; they talk to a application that embeds Derby. So Derby > left most of the access control work to the application. Under this scheme, > Derby limits access on a per database or per system basis. A user can be > granted full, read-only, or no access. > This is less suitable in a general purpose SQL server. When end users or > diverse applications can issue SQL commands directly against the database, > Derby must provide more precise mechanisms to limit who can do what with the > database. > I propose to enhance Derby by implementing a subset of grant/revoke > capabilities as specified by the SQL standard. I envision this work to > involve the following tasks, at least: > 1) Develop a specification of what capabilities I would like to add to Derby. > 2) Provide a high level implementation scheme. > 3) Pursue a staged development plan, with support for DDL added to Derby > first. > 4) Add support for runtime checking of these privileges. > 5) Address migration and upgrade issues from previous releases and from old > scheme to newer database. > Since I think this is a large task, I would like to invite any interested > people to work with me on this large and important enhancement to Derby. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira