org.apache.derby.iapi.sql.conn
Interface Authorizer

All Known Implementing Classes:
GenericAuthorizer

public interface Authorizer

The Authorizer verifies a connected user has the authorization to perform a requested database operation using the current connection.

Today no object based authorization is supported.


Field Summary
static int CREATE_ROLE_PRIV
           
static int CREATE_SCHEMA_PRIV
           
static int DELETE_PRIV
           
static int DROP_ROLE_PRIV
           
static int DROP_SCHEMA_PRIV
           
static int EXECUTE_PRIV
           
static int INSERT_PRIV
           
static int JAR_WRITE_OP
          database jar write operation
static int MIN_SELECT_PRIV
           
static int MODIFY_SCHEMA_PRIV
           
static int NULL_PRIV
           
static int PRIV_TYPE_COUNT
           
static int PROPERTY_WRITE_OP
          database property write operation
static java.lang.String PUBLIC_AUTHORIZATION_ID
          The public authorization ID is defined by the SQL2003 spec as implying all users.
static int REFERENCES_PRIV
           
static int SELECT_PRIV
           
static int SQL_ARBITARY_OP
          Any other SQL operation
static int SQL_CALL_OP
          SQL CALL/VALUE operation
static int SQL_DDL_OP
          SQL DDL operation
static int SQL_SELECT_OP
          SQL SELECT operation
static int SQL_WRITE_OP
          SQL write (insert,update,delete) operation
static java.lang.String SYSTEM_AUTHORIZATION_ID
          The system authorization ID is defined by the SQL2003 spec as the grantor of privileges to object owners.
static int TRIGGER_PRIV
           
static int UPDATE_PRIV
           
static int USAGE_PRIV
           
 
Method Summary
 void authorize(Activation activation, int operation)
          Verify the connected user is authorized to perform the requested operation.
 void authorize(int operation)
          Verify the connected user is authorized to perform the requested operation.
 java.lang.String getAuthorizationId()
          Get the Authorization ID for this Authorizer.
 boolean isReadOnlyConnection()
          Get the readOnly status for this authorizer's connection.
 void refresh()
          Refresh this authorizer to reflect a change in the database permissions.
 void setReadOnlyConnection(boolean on, boolean authorize)
          Set the readOnly status for this authorizer's connection.
 

Field Detail

SQL_WRITE_OP

static final int SQL_WRITE_OP
SQL write (insert,update,delete) operation

See Also:
Constant Field Values

SQL_SELECT_OP

static final int SQL_SELECT_OP
SQL SELECT operation

See Also:
Constant Field Values

SQL_ARBITARY_OP

static final int SQL_ARBITARY_OP
Any other SQL operation

See Also:
Constant Field Values

SQL_CALL_OP

static final int SQL_CALL_OP
SQL CALL/VALUE operation

See Also:
Constant Field Values

SQL_DDL_OP

static final int SQL_DDL_OP
SQL DDL operation

See Also:
Constant Field Values

PROPERTY_WRITE_OP

static final int PROPERTY_WRITE_OP
database property write operation

See Also:
Constant Field Values

JAR_WRITE_OP

static final int JAR_WRITE_OP
database jar write operation

See Also:
Constant Field Values

NULL_PRIV

static final int NULL_PRIV
See Also:
Constant Field Values

SELECT_PRIV

static final int SELECT_PRIV
See Also:
Constant Field Values

UPDATE_PRIV

static final int UPDATE_PRIV
See Also:
Constant Field Values

REFERENCES_PRIV

static final int REFERENCES_PRIV
See Also:
Constant Field Values

INSERT_PRIV

static final int INSERT_PRIV
See Also:
Constant Field Values

DELETE_PRIV

static final int DELETE_PRIV
See Also:
Constant Field Values

TRIGGER_PRIV

static final int TRIGGER_PRIV
See Also:
Constant Field Values

EXECUTE_PRIV

static final int EXECUTE_PRIV
See Also:
Constant Field Values

USAGE_PRIV

static final int USAGE_PRIV
See Also:
Constant Field Values

MIN_SELECT_PRIV

static final int MIN_SELECT_PRIV
See Also:
Constant Field Values

PRIV_TYPE_COUNT

static final int PRIV_TYPE_COUNT
See Also:
Constant Field Values

CREATE_SCHEMA_PRIV

static final int CREATE_SCHEMA_PRIV
See Also:
Constant Field Values

MODIFY_SCHEMA_PRIV

static final int MODIFY_SCHEMA_PRIV
See Also:
Constant Field Values

DROP_SCHEMA_PRIV

static final int DROP_SCHEMA_PRIV
See Also:
Constant Field Values

CREATE_ROLE_PRIV

static final int CREATE_ROLE_PRIV
See Also:
Constant Field Values

DROP_ROLE_PRIV

static final int DROP_ROLE_PRIV
See Also:
Constant Field Values

SYSTEM_AUTHORIZATION_ID

static final java.lang.String SYSTEM_AUTHORIZATION_ID
The system authorization ID is defined by the SQL2003 spec as the grantor of privileges to object owners.

See Also:
Constant Field Values

PUBLIC_AUTHORIZATION_ID

static final java.lang.String PUBLIC_AUTHORIZATION_ID
The public authorization ID is defined by the SQL2003 spec as implying all users.

See Also:
Constant Field Values
Method Detail

authorize

void authorize(int operation)
               throws StandardException
Verify the connected user is authorized to perform the requested operation. This variation should only be used with operations that do not use tables or routines. If the operation involves tables or routines then use the variation of the authorize method that takes an Activation parameter. The activation holds the table, column, and routine lists.

Parameters:
operation - the enumeration code for the requsted operation.
Throws:
StandardException - Thrown if the operation is not allowed

authorize

void authorize(Activation activation,
               int operation)
               throws StandardException
Verify the connected user is authorized to perform the requested operation.

Parameters:
activation - holds the list of tables, columns, and routines used.
operation - the enumeration code for the requsted operation.
Throws:
StandardException - Thrown if the operation is not allowed

getAuthorizationId

java.lang.String getAuthorizationId()
Get the Authorization ID for this Authorizer.


isReadOnlyConnection

boolean isReadOnlyConnection()
Get the readOnly status for this authorizer's connection.


setReadOnlyConnection

void setReadOnlyConnection(boolean on,
                           boolean authorize)
                           throws StandardException
Set the readOnly status for this authorizer's connection.

Parameters:
on - true means set the connection to read only mode, false means set the connection to read wrte mode.
authorize - true means to verify the caller has authority to set the connection and false means do not check.
Throws:
StandardException - Oops not allowed.

refresh

void refresh()
             throws StandardException
Refresh this authorizer to reflect a change in the database permissions.

Throws:
AuthorizerSessionException - Connect permission gone.
StandardException - Oops.

Built on Thu 2010-12-23 20:49:13+0000, from revision ???

Apache Derby V10.6 Internals - Copyright © 2004,2007 The Apache Software Foundation. All Rights Reserved.