Øystein Grøvlen wrote:
> My main concern here is usability. As long as the legacy mode is the > default, it seems OK to enforce such restrictions in sqlStandard mode > since it will probably not hit unexperienced users. Will legacy mode > always be the default? Do we plan to switch to sqlStandard mode at > some point in time? Good comments, thanks... Legacy mode is the default now and I think it should continue to be the default until Derby supports well-rounded sqlStandard authorization model and provided sufficient warnings to existing users. Switching default is a decision for the community to make... hopefully sooner (like 10.3) than later. Also, I would like to see system privileges work completed to some degree. > Another important aspect of usability is that a product behaves in a > familiar way. That is, the behavior is similar to similar products. > I am a bit concerned if users will need to know about a specific > property in order to be able to use GRANT/REVOKE. Also, can we really > claim to be standards-compliant if one needs to set specific property > in order to be able to use parts of the standard? Right... Without Francois's work, sqlStandard authorization is not going to be similar to other products anyway. :-) I am also considering documenting current limitations of sqlStandard authorization model and advise users to evaluate it well before using it. Once the model is more complete, these warnings in the docs could go and the community could decide on switching the default authorization model. Satheesh > I also note that while easy-to-use and standards-based is covered by > the Derby Charter, backward-compatibility is not. ;-) > > -- > Øystein > > >
