Satheesh Bandaram wrote:
Oystein Grovlen - Sun Norway wrote:
Satheesh Bandaram wrote:
At some time in the future when GRANT/REVOKE support is more complete,
would it be possible to have some way to turn on SQL authorization
automatically when GRANT/REVOKE is used for the first time? I think
that could improve ease of use without breaking backward compatibility.
Derby could, but it would break backward compatibility... Currently all
users with 'fullAccess' mode (for defaultConnectionMode) can read/write
to any table in any schema. Switching to SQL authorization would mean
they would only be able to access their objects by default, so many
applications would see a break in functionality. Users have to change
their applications anyway, to explicitly grant privileges, so why not
make them set 'sqlAuthorization' flag also?
I am not quite sure you understood what I meant. I do not suggest that
we should make SQL authorization default. What I was thinking of was
turning it on automatically when someone attempt to use it. If one is
only running existing applications one should not be affected since they
will not use GRANT/REVOKE. My itch is to make it easy to start using
Derby for people that based on experiences with other database systems
will assume that GRANT/REVOKE is available without having configure the
system.
--
Øystein Grøvlen, Senior Staff Engineer
Sun Microsystems, Database Technology Group
Trondheim, Norway
