Francois Orsini wrote:
Grant or Revoke statement would have to succeed to enable sqlStandard
authorization mode automatically, with someone having enough privilege
to issue a successful Grant/Revoke operation in the first place - at
the same time, implictly and silently setting the authorization mode
to be sqlAuthorization the first time a Grant OP is invoked could be a
problem if the user issuing it is not the/a derby system administrator
type of role (unless he/she does it on his/her own objects) and
ending-up turning on sqlAuthorization mode. Some admin may not want to
see this happen.
I recognize that everybody should not be allowed to turn on SQL
authorization. I guess since the old system does not have an
administrator role this will be difficult to achieve.
Am not understanding the following "If one is only
running existing applications one should not be affected since they
will not use GRANT/REVOKE" - are you suggesting an authorization mode
at the connection/session level? It is set at the database level so
you should not have mixed users authorizing with legacy versus others
using sqlAuthorization...I may have misunderstood what you meant...
I was thinking of exisiting applications running against existing
databases vs new applications on a new database; not both existing and
new application against the same database. In other words, would it be
possible to turn it on automatically for new databases while new
versions against old databases will work as before?
I just realized that what I ask for is soft upgrade. In other words, do
we have to keep the old authorization as the default to provide for
backward compatibility? Could we not just require that old applications
run in soft upgrade mode if they do not want to deal with SQL authorization?
--
Øystein Grøvlen, Senior Staff Engineer
Sun Microsystems, Database Technology Group
Trondheim, Norway
