When a revoke is issued, Derby sends an DependencyManager.REVOKE_PRIVILEGEinvalidation to dependents of the privilege being revoked. Bryan's suggestion is a sure shot to not miss any statments but like he pointed out, that will end up invalidating statements that are not affected by the revoke privilege.
Mamta On 4/3/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Daniel John Debrunner <[EMAIL PROTECTED]> writes: > [EMAIL PROTECTED] wrote: >> While working on re-using resultsets (DERBY-827) I've discovered that >> calls to >> getLanguageConnectionContext().getAuthorizer().authorize(this , 1); >> have been added in places that I don't think are compatible with >> re-using result sets. > > I think that the checking authorization once is the desired behaviour, > not every execution, for performance reasons. The statements should be > invalidated when a revoke is executed. Sigh... I was so happy because I figured out how to move the checking into execute(), AND the test passed on the first attempt! Oh well, that's life :) What you say about performance makes sense. So do the grant/revoke expert(s) have an opinion about how to invalidate all statements affected by a revoke (or grant)? -- dt
