Re: [jira] Commented: (DERBY-464) Enhance Derby by adding grant/revoke support. Grant/Revoke provide finner level of privileges than currently provided by Derby that is especially useful in network configurations.

[Satheesh Bandaram]

Why exactly would we want to strengthen builtin-authentication scheme when all of us agreed it was for simple embedded application use? I am not sure how useful access control is for embedded usages. But I will hold off on any more questions and wait for your proposal. Satheesh Francois Orsini wrote: I'm all  for having a homogeneous and unified way to manage (create, drop, alter, etc) users in Derby and specifically for the built-in authentication scheme which is what I was referring to. Today we simply don't have that. More to follow as am starting to feel itchy ;) --francois On 10/26/05, Daniel John Debrunner <[EMAIL PROTECTED]> wrote: Francois Orsini wrote: > Agreed since we always made it clear that users could be defined at the > system and/or database level ;) > > However, even as of today, databases can be dependent on users defined > at the system level if you have 'derby.database.propertiesOnly' set to > false which is the default I believe ;) > > What I meant to say is: (and this was in the context of Grant&Revoke > access to database(s) when users are defined at the system level in my > case which I think we'll be the most popular choice - 80/20 rule) Yep, flexibility is good. As long as we continue to support self-contained databases. A system database would be a significant new feature. Of course, I'm unclear on exactly what you are proposing, is it a new authentication scheme or something else? I eagerly await the functional spec/proposal. :-) Dan.