[
https://issues.apache.org/jira/browse/DERBY-3327?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dag H. Wanvik updated DERBY-3327:
---------------------------------
Derby Info: [Patch Available, Existing Application Impact, Release Note
Needed] (was: [Patch Available])
Marking with Existing application impact and Release note needed, since the
latest revision of the patch, in its solution for to DERBY-1331,
changes the semantics of SET SCHEMA if performed in a nested connection (inside
a routine).
> SQL roles: Implement authorization stack (and SQL session context to hold it)
> -----------------------------------------------------------------------------
>
> Key: DERBY-3327
> URL: https://issues.apache.org/jira/browse/DERBY-3327
> Project: Derby
> Issue Type: New Feature
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Fix For: 10.4.0.0
>
> Attachments: DERBY-3327-1.diff, DERBY-3327-1.stat, DERBY-3327-2.diff,
> DERBY-3327-2.stat, DERBY-3327-3.diff, DERBY-3327-3.stat,
> DERBY-3327-4-full-b.diff, DERBY-3327-4-full-b.stat, DERBY-3327-4-full-c.diff,
> DERBY-3327-4-full-c.stat, DERBY-3327-4-full.diff, DERBY-3327-4-full.stat
>
>
> The current LanguageConnectionContext keeps the user authorization identifier
> for an SQL session.
> The lcc is shared context also for nested connections (opened from stored
> procedures).
> So far, for roles, the current role has been stored in the lcc also. However,
> SQL requires that
> authorization identifers be pushed on a "authorization stack" when calling a
> stored procedure, cf.
> SQL 2003, vol 2, section 4.34.1.1 and 4.27.3.
> This allows a caller to keep its current role after a call even if changed by
> the stored procedure.
> This issue will implement the current role name part ("cell") of the
> authorization stack.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
