Souciance Eqdam Rashti wrote: > Hello Everyone > > I have a rather annoying problem. I was wondering if anyone could provide > sample code as to how I can restrict a user to a single database or > basically a certain number of database. So for example user fred would > only > be allowed to access accounting and not sales. > > It seems to be that once a user gets database access he can login into any > database but I want to restrict a user to a certain database. Thanks.
If you set up the user in the derby.properties file, then that user has access to all databases within that system. If you set up the user using the SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY stored procedure, the user will have access to only that database. Here's a page that lists info for both options: http://db.apache.org/derby/docs/dev/devguide/cdevcsecure21547.html Database properties take precedence over system wide properties, and properties set programmatically take precedence over all. More info is here, including how to keep database-wide properties from being overriden programmatically: http://db.apache.org/derby/docs/dev/tuning/ctunsetprop23308.html An ApacheCon 2005 security presentation includes a couple examples; you can download it from http://db.apache.org/derby/papers/ApacheCon.html I hope this helps. regards, -jean
