[
https://issues.apache.org/jira/browse/DERBY-3476?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14052264#comment-14052264
]
Knut Anders Hatlen commented on DERBY-3476:
-------------------------------------------
DatabasePermission, SystemPermission and SystemPrincipal are all final and have
serialization identifiers now.
The serialization logic could still benefit from some improvements, tough:
- DatabasePermission would be more future-proof if it persisted the action
string (currently it doesn't because it knows it has to be "create").
- SystemPermission doesn't validate the name and the action string on
deserialization. It should perform the same checks on deserialization as it
does in its constructor.
- SystemPrincipal doesn't validate the name on deserialization. It should
perform the same checks as its constructor.
> Permissions and Principal objects added by this feature need to be final and
> have serialization identifiers
> -----------------------------------------------------------------------------------------------------------
>
> Key: DERBY-3476
> URL: https://issues.apache.org/jira/browse/DERBY-3476
> Project: Derby
> Issue Type: Sub-task
> Components: Services
> Reporter: Daniel John Debrunner
>
> Need serialization id to ensure the class is portable across releases.
> Need final to provide security.
> (assumes patch10 is committed from DERBY-2109)
--
This message was sent by Atlassian JIRA
(v6.2#6252)