org.apache.derby.iapi.sql.conn
Interface Authorizer

All Known Implementing Classes:

GenericAuthorizer

public interface Authorizer

The Authorizer verifies a connected user has the authorization to perform a requested database operation using the current connection.

Today no object based authorization is supported.

Field Summary

static int	CREATE_ROLE_PRIV
static int	CREATE_SCHEMA_PRIV
static int	DELETE_PRIV
static int	DROP_ROLE_PRIV
static int	DROP_SCHEMA_PRIV
static int	EXECUTE_PRIV
static int	INSERT_PRIV
static int	JAR_WRITE_OP database jar write operation
static int	MIN_SELECT_PRIV
static int	MODIFY_SCHEMA_PRIV
static int	NULL_PRIV
static int	PRIV_TYPE_COUNT
static int	PROPERTY_WRITE_OP database property write operation
static java.lang.String	PUBLIC_AUTHORIZATION_ID The public authorization ID is defined by the SQL2003 spec as implying all users.
static int	REFERENCES_PRIV
static int	SELECT_PRIV
static int	SQL_ARBITARY_OP Any other SQL operation
static int	SQL_CALL_OP SQL CALL/VALUE operation
static int	SQL_DDL_OP SQL DDL operation
static int	SQL_SELECT_OP SQL SELECT operation
static int	SQL_WRITE_OP SQL write (insert,update,delete) operation
static java.lang.String	SYSTEM_AUTHORIZATION_ID The system authorization ID is defined by the SQL2003 spec as the grantor of privileges to object owners.
static int	TRIGGER_PRIV
static int	UPDATE_PRIV
static int	USAGE_PRIV

Method Summary

void	authorize(Activation activation, int operation) Verify the connected user is authorized to perform the requested operation.
void	authorize(int operation) Verify the connected user is authorized to perform the requested operation.
boolean	isReadOnlyConnection() Get the readOnly status for this authorizer's connection.
void	refresh() Refresh this authorizer to reflect a change in the database permissions.
void	setReadOnlyConnection(boolean on, boolean authorize) Set the readOnly status for this authorizer's connection.

Field Detail

SQL_WRITE_OP

static final int SQL_WRITE_OP

SQL write (insert,update,delete) operation

See Also:

Constant Field Values

SQL_SELECT_OP

static final int SQL_SELECT_OP

SQL SELECT operation

See Also:

Constant Field Values

SQL_ARBITARY_OP

static final int SQL_ARBITARY_OP

Any other SQL operation

See Also:

Constant Field Values

SQL_CALL_OP

static final int SQL_CALL_OP

SQL CALL/VALUE operation

See Also:

Constant Field Values

SQL_DDL_OP

static final int SQL_DDL_OP

SQL DDL operation

See Also:

Constant Field Values

PROPERTY_WRITE_OP

static final int PROPERTY_WRITE_OP

database property write operation

See Also:

Constant Field Values

JAR_WRITE_OP

static final int JAR_WRITE_OP

database jar write operation

See Also:

Constant Field Values

NULL_PRIV

static final int NULL_PRIV

See Also:

Constant Field Values

SELECT_PRIV

static final int SELECT_PRIV

See Also:

Constant Field Values

UPDATE_PRIV

static final int UPDATE_PRIV

See Also:

Constant Field Values

REFERENCES_PRIV

static final int REFERENCES_PRIV

See Also:

Constant Field Values

INSERT_PRIV

static final int INSERT_PRIV

See Also:

Constant Field Values

DELETE_PRIV

static final int DELETE_PRIV

See Also:

Constant Field Values

TRIGGER_PRIV

static final int TRIGGER_PRIV

See Also:

Constant Field Values

EXECUTE_PRIV

static final int EXECUTE_PRIV

See Also:

Constant Field Values

USAGE_PRIV

static final int USAGE_PRIV

See Also:

Constant Field Values

MIN_SELECT_PRIV

static final int MIN_SELECT_PRIV

See Also:

Constant Field Values

PRIV_TYPE_COUNT

static final int PRIV_TYPE_COUNT

See Also:

Constant Field Values

CREATE_SCHEMA_PRIV

static final int CREATE_SCHEMA_PRIV

See Also:

Constant Field Values

MODIFY_SCHEMA_PRIV

static final int MODIFY_SCHEMA_PRIV

See Also:

Constant Field Values

DROP_SCHEMA_PRIV

static final int DROP_SCHEMA_PRIV

See Also:

Constant Field Values

CREATE_ROLE_PRIV

static final int CREATE_ROLE_PRIV

See Also:

Constant Field Values

DROP_ROLE_PRIV

static final int DROP_ROLE_PRIV

See Also:

Constant Field Values

SYSTEM_AUTHORIZATION_ID

static final java.lang.String SYSTEM_AUTHORIZATION_ID

The system authorization ID is defined by the SQL2003 spec as the grantor of privileges to object owners.

See Also:

Constant Field Values

PUBLIC_AUTHORIZATION_ID

static final java.lang.String PUBLIC_AUTHORIZATION_ID

The public authorization ID is defined by the SQL2003 spec as implying all users.

See Also:

Constant Field Values

Method Detail

authorize

void authorize(int operation)
               throws StandardException

Verify the connected user is authorized to perform the requested operation. This variation should only be used with operations that do not use tables or routines. If the operation involves tables or routines then use the variation of the authorize method that takes an Activation parameter. The activation holds the table, column, and routine lists.

Parameters:

operation - the enumeration code for the requsted operation.

Throws:

StandardException - Thrown if the operation is not allowed

authorize

void authorize(Activation activation,
               int operation)
               throws StandardException

Verify the connected user is authorized to perform the requested operation.

Parameters:

activation - holds the list of tables, columns, and routines used.

operation - the enumeration code for the requsted operation.

Throws:

StandardException - Thrown if the operation is not allowed

isReadOnlyConnection

boolean isReadOnlyConnection()

Get the readOnly status for this authorizer's connection.

setReadOnlyConnection

void setReadOnlyConnection(boolean on,
                           boolean authorize)
                           throws StandardException

Set the readOnly status for this authorizer's connection.

Parameters:

on - true means set the connection to read only mode, false means set the connection to read wrte mode.

authorize - true means to verify the caller has authority to set the connection and false means do not check.

Throws:

StandardException - Oops not allowed.

refresh

void refresh()
             throws StandardException

Refresh this authorizer to reflect a change in the database permissions.

Throws:

AuthorizerSessionException - Connect permission gone.

StandardException - Oops.