blizzard of deprecation warnings related to JEP 411
Rick Hillegas
rick.hillegas at gmail.com
Wed Jun 16 15:00:09 UTC 2021
Thanks, Peter. Derby supports a couple authorization mechanisms, the
most important one being the role-based SQL Standard GRANT/REVOKE
commands (see
https://db.apache.org/derby/docs/10.15/security/csecauthorization.html).
I'm afraid that my old eyes didn't see a link to your authorization
libraries in your message.
On 6/15/21 5:23 PM, Peter Firmstone wrote:
> Rick,
>
> Out of curiosity, does Apache Derby have a need for an Authorization
> layer?
>
> We have tooling to generate our policy files, which simplifies the
> process a lot, we also have highly scalable and performant
> SecurityManager and Policy implementations which are compatible with
> standard Java policy files.
>
> This is available under an AL2.0 license.
>
> I'm hoping that OpenJDK will create some hooks for permission checks,
> so that we can continue to provide an authorization layer for Java,
> following JEP 411.
>
> I'll be using StackWalker to reproduce AccessController's stack
> walk. We also have existing classes which wrap AccessControlContext,
> so we would use ThreadLocal's to preserve subject.
>
More information about the security-dev
mailing list