[jira] Commented: (DERBY-3327) SQL roles: Implement authorization stack

Tue, 22 Jan 2008 15:16:58 -0800 

    [ 
https://issues.apache.org/jira/browse/DERBY-3327?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12561513#action_12561513
 ] 

Daniel John Debrunner commented on DERBY-3327:
----------------------------------------------

> (As I understand it, the lifetime of the statement context is limited to 
> prepare and/or execution of a single statement.) 

No, the statement context is set up during the ResultSet.next() or any 
positioning call as well. Code that is executing or fetching rows will have the 
most recently pushed statement context associated with it. This is so that a 
statement level exception error handling affects the currently executing 
statement.

With a dynamic result I believe that when it is executing (e.g. a next() call) 
then the most recently pushed statement context will be associated with that 
result set and the activation/statement that created it.

So I think I mean only that any statement would always just refer to its 
StatementContext, which is the most recently pushed one since the statement 
must be being executed.



> SQL roles: Implement authorization stack
> ----------------------------------------
>
>                 Key: DERBY-3327
>                 URL: https://issues.apache.org/jira/browse/DERBY-3327
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Dag H. Wanvik
>            Assignee: Dag H. Wanvik
>             Fix For: 10.4.0.0
>
>         Attachments: DERBY-3327-1.diff, DERBY-3327-1.stat, DERBY-3327-2.diff, 
> DERBY-3327-2.stat, DERBY-3327-3.diff, DERBY-3327-3.stat
>
>
> The current LanguageConnectionContext keeps the user authorization identifier 
> for an SQL session.
> The lcc is shared context also for nested connections (opened from stored 
> procedures).
> So far, for roles, the current role has been stored in the lcc also. However, 
> SQL requires that
> authorization identifers be pushed on a "authorization stack" when calling a 
> stored procedure, cf.
> SQL 2003, vol 2, section 4.34.1.1 and 4.27.3.
> This allows a caller to keep its current role after a call even if changed by 
> the stored procedure.
> This issue will implement the current role name part ("cell") of the 
> authorization stack. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to