[
https://issues.apache.org/jira/browse/DERBY-3667?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dag H. Wanvik updated DERBY-3667:
---------------------------------
Derby Info: [Patch Available]
> SQL roles: Make CURRENT_ROLE check that the role is still valid
> ---------------------------------------------------------------
>
> Key: DERBY-3667
> URL: https://issues.apache.org/jira/browse/DERBY-3667
> Project: Derby
> Issue Type: Task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Fix For: 10.5.0.0
>
> Attachments: derby-3667-1.diff, derby-3667-1.stat
>
>
> When a role is the current role of a session, and that role is either
> a) revoked from current user or dropped, the present implementation
> does not actually reset the current role of value of the session which
> has set it to current, but instead lazily relies on the next usage to
> discover this fact by validating that the role usage is still
> applicable. This check is missing from CURRENT_USER.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
