[EMAIL PROTECTED] writes: > It works just fine. I've tested modifying the call to > > generateAuthorizeCheck() > > so that it adds its code to execute(), rather > than fillResultSet(), and this makes the test pass (and I haven't > noticed any negative side effects). > > However, Dan wrote earlier in this thread (Tue, 03 Apr 2007 07:07:40 > -0700): > > "I think that the checking authorization once is the desired behaviour, > not every execution, for performance reasons. The statements should be > invalidated when a revoke is executed." > > So that's why I'm looking at this...
Checking the permissions once per execution is perhaps not ideal, but if that's how it's currently done, I don't see any problem with moving the check from fillResultSet() to execute() as part of DERBY-827. Although "check once and invalidate on revoke" might give better performance, it could just as well be addressed later in a separate JIRA issue. -- Knut Anders
