[ http://issues.apache.org/jira/browse/DERBY-1646?page=comments#action_12425909 ] Laura Stewart commented on DERBY-1646: --------------------------------------
I was very unhappy with the content of the file that describes setting the default access mode. So based on your comments I reworded it. Please let me know if there is anything amiss... Setting the default access mode There are two properties that control the default access mode for database objects, the derby.database.defaultConnectionMode property and the derby.database.sqlAuthorization property. The default settings for these properties allow anyone to access and drop the database objects that you create. The default setting for the derby.database.defaultConnectionMode property is fullAccess and the default setting for the derby.database.sqlAuthorization property is FALSE. You can change the default access mode by specify different settings for these properties. These properties work together: When the derby.database.sqlAuthorization property is FALSE, the default access mode is determined by the setting for the derby.database.defaultConnectionMode property. If the derby.database.defaultConnectionMode property is set to readOnlyAccess, users can access (read) database all of the objects but they cannot update or drop the objects. When the derby.database.sqlAuthorization property is TRUE, the default access mode is restricted to the owner of the database objects. The owner must grant permission for others to access the database objects. No one but the owner of an object can drop the object. The access mode specified for the derby.database.sqlAuthorization property overrides the permissions that are granted by the owner of a database object. For example, if a user is granted INSERT privileges on a table but the user only has read-only connection authorization, the user cannot insert data into the table. Derby validates the database authorization properties when you set the properties. A user authorization exception is returned if you specify an invalid value when you set these properties. derby.database.defaultConnectionMode property The derby.database.defaultConnectionMode property controls the default authorization when users connect to the database. The valid settings for the derby.database.defaultConnectionMode property are: noAccess readOnlyAccess fullAccess The default value is fullAccess. derby.database.sqlAuthorization property The derby.database.sqlAuthorization property controls the ability for object owners to grant and revoke permission for users to perform actions on database objects. The valid settings for the derby.database.sqlAuthorization property are: TRUE FALSE The default value is FALSE. > Documentation to address Grant/Revoke Authorization for > views/triggers/constraints/routines(DERBY-1330) > ------------------------------------------------------------------------------------------------------- > > Key: DERBY-1646 > URL: http://issues.apache.org/jira/browse/DERBY-1646 > Project: Derby > Issue Type: New Feature > Components: Documentation > Affects Versions: 10.2.0.0 > Reporter: Mamta A. Satoor > Assigned To: Laura Stewart > > Creating a separate jira entry for documentation of Grant/Revoke > Authorization for views/triggers/constraints/routines(Engine changes are > going as part of DERBY-1330). > Will link this jira entry to DERBY-1330 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira