Re: Grant -revoke (464) and future backwards compat

[Satheesh Bandaram]

Daniel John Debrunner wrote: The reason that grant/revoke (DERBY-464) has to add a mode derby.database.sqlAuthorization={true|false} is that the grant/revoke requires a different access model to Derby's current model. I am still not satisfied this is the right way to switch authorization models. Could having a system procedure to switch mode from legacy authorization to standard authorization be better? This property can only be changed from false to true and need special code to ensure this. I'd like to ensure that we don't need to introduce another mode switch in a future release, related to this area. Ending up several releases from now with these properties would be bad 10.3 derby.database.sqlAuthorizationWeReallyMeanItThisTime={true|false} 10.4 derby.database.sqlAuthorizationOKMaybeThisTime={true|false} :-) This is a problem... I think it would be wise to advise users to follow SQL standard mode of operation or any other that we may enhance derby to in the future. Maybe there's other work that needs to be done to avoid jarring mode switches in the future. The alternative is to document, for 10.2, when derby.database.sqlAuthorization=true that behaviour may change in the future, be warned (with possible examples). It should be ok to document recommended practices... no? Satheesh