Java Derby GRANT语句,用于向特定用户授予特权
我用Java Derby GRANT语句,用于向特定用户授予特权,java,database,derby,privileges,Java,Database,Derby,Privileges,我用sqlAuthorization创建了数据库,并在Derby中创建了一些表。当我向系统添加一些fullAccessUsers时,用户无法访问表,因为有特权。我为用户使用GRANT语句,但没有帮助。我在下面分享我的代码 创建数据库 String owner = "admin"; String ownerp = "admin"; String user1= "testuser"; String user1p = "testuser"; String driver = "org.apache.de
sqlAuthorization
创建了数据库,并在Derby
中创建了一些表。当我向系统添加一些fullAccessUsers
时,用户无法访问表,因为有特权。我为用户使用GRANT
语句,但没有帮助。我在下面分享我的代码
创建数据库强>
String owner = "admin";
String ownerp = "admin";
String user1= "testuser";
String user1p = "testuser";
String driver = "org.apache.derby.jdbc.ClientDriver";
String connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";create=true";
Connection conn = DriverManager.getConnection(connectionURL);
Class.forName(driver);
connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";create=false;user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
conn = DriverManager.getConnection(connectionURL);
Statement s = conn.createStatement();
//Setting DB to Require Authentication
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.connection.requireAuthentication', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.sqlAuthorization', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.authentication.provider', 'BUILTIN')");
//Creating owner username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+owner+"\""+"', '"+"\""+ownerp+"\""+"')");
//Creating testuser username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+user1+"\""+"', '"+"\""+user1p+"\""+"')");
//Set both owner and user as a fullAccessUsers (read/write)
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.fullAccessUsers', '"+"\""+owner+"\""+","+"\""+user1+"\""+"')");
//Setting DB to No Access for restrict unauthorized users
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.defaultConnectionMode', 'noAccess')");
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.propertiesOnly', 'false')");
s.close();
//This method shutdown the derby for take parameters.
shutDownDerby();
//This method start the Derby Network Server
startDerby();
String connectionUrl2 = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
Connection con2 = DriverManager.getConnection(connectionUrl2);
java.sql.Statement stmt2;
stmt2 = con2.createStatement();
//Creating Schema
stmt2.execute("CREATE SCHEMA TEST");
//Creating Table in TEST Schema
String query1 = "CREATE TABLE TEST.USER_INFO\n" +
"(\n" +
"USERNAME VARCHAR(80),\n" +
"INFO VARCHAR(160)\n" +
")";
stmt2.execute(query1);
//This one should GRANT permission for reach TEST.USER_INFO to testuser but NOT!
stmt2.execute("GRANT SELECT ON TABLE TEST.USER_INFO TO testuser");
String query = "SELECT USERNAME, INFO FROM TEST.USER_INFO";
ERROR 42502: User 'testuser' does not have SELECT permission on column 'USERNAME' of table 'TEST'.'USER_INFO'.
设置数据库属性强>
String owner = "admin";
String ownerp = "admin";
String user1= "testuser";
String user1p = "testuser";
String driver = "org.apache.derby.jdbc.ClientDriver";
String connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";create=true";
Connection conn = DriverManager.getConnection(connectionURL);
Class.forName(driver);
connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";create=false;user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
conn = DriverManager.getConnection(connectionURL);
Statement s = conn.createStatement();
//Setting DB to Require Authentication
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.connection.requireAuthentication', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.sqlAuthorization', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.authentication.provider', 'BUILTIN')");
//Creating owner username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+owner+"\""+"', '"+"\""+ownerp+"\""+"')");
//Creating testuser username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+user1+"\""+"', '"+"\""+user1p+"\""+"')");
//Set both owner and user as a fullAccessUsers (read/write)
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.fullAccessUsers', '"+"\""+owner+"\""+","+"\""+user1+"\""+"')");
//Setting DB to No Access for restrict unauthorized users
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.defaultConnectionMode', 'noAccess')");
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.propertiesOnly', 'false')");
s.close();
//This method shutdown the derby for take parameters.
shutDownDerby();
//This method start the Derby Network Server
startDerby();
String connectionUrl2 = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
Connection con2 = DriverManager.getConnection(connectionUrl2);
java.sql.Statement stmt2;
stmt2 = con2.createStatement();
//Creating Schema
stmt2.execute("CREATE SCHEMA TEST");
//Creating Table in TEST Schema
String query1 = "CREATE TABLE TEST.USER_INFO\n" +
"(\n" +
"USERNAME VARCHAR(80),\n" +
"INFO VARCHAR(160)\n" +
")";
stmt2.execute(query1);
//This one should GRANT permission for reach TEST.USER_INFO to testuser but NOT!
stmt2.execute("GRANT SELECT ON TABLE TEST.USER_INFO TO testuser");
String query = "SELECT USERNAME, INFO FROM TEST.USER_INFO";
ERROR 42502: User 'testuser' does not have SELECT permission on column 'USERNAME' of table 'TEST'.'USER_INFO'.
创建表格强>
String owner = "admin";
String ownerp = "admin";
String user1= "testuser";
String user1p = "testuser";
String driver = "org.apache.derby.jdbc.ClientDriver";
String connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";create=true";
Connection conn = DriverManager.getConnection(connectionURL);
Class.forName(driver);
connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";create=false;user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
conn = DriverManager.getConnection(connectionURL);
Statement s = conn.createStatement();
//Setting DB to Require Authentication
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.connection.requireAuthentication', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.sqlAuthorization', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.authentication.provider', 'BUILTIN')");
//Creating owner username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+owner+"\""+"', '"+"\""+ownerp+"\""+"')");
//Creating testuser username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+user1+"\""+"', '"+"\""+user1p+"\""+"')");
//Set both owner and user as a fullAccessUsers (read/write)
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.fullAccessUsers', '"+"\""+owner+"\""+","+"\""+user1+"\""+"')");
//Setting DB to No Access for restrict unauthorized users
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.defaultConnectionMode', 'noAccess')");
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.propertiesOnly', 'false')");
s.close();
//This method shutdown the derby for take parameters.
shutDownDerby();
//This method start the Derby Network Server
startDerby();
String connectionUrl2 = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
Connection con2 = DriverManager.getConnection(connectionUrl2);
java.sql.Statement stmt2;
stmt2 = con2.createStatement();
//Creating Schema
stmt2.execute("CREATE SCHEMA TEST");
//Creating Table in TEST Schema
String query1 = "CREATE TABLE TEST.USER_INFO\n" +
"(\n" +
"USERNAME VARCHAR(80),\n" +
"INFO VARCHAR(160)\n" +
")";
stmt2.execute(query1);
//This one should GRANT permission for reach TEST.USER_INFO to testuser but NOT!
stmt2.execute("GRANT SELECT ON TABLE TEST.USER_INFO TO testuser");
String query = "SELECT USERNAME, INFO FROM TEST.USER_INFO";
ERROR 42502: User 'testuser' does not have SELECT permission on column 'USERNAME' of table 'TEST'.'USER_INFO'.
我使用testuser
成功连接到数据库。但当我尝试使用TEST.USER\u INFO
选择testuser
时,我收到下面的SQLException
选择查询强>
String owner = "admin";
String ownerp = "admin";
String user1= "testuser";
String user1p = "testuser";
String driver = "org.apache.derby.jdbc.ClientDriver";
String connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";create=true";
Connection conn = DriverManager.getConnection(connectionURL);
Class.forName(driver);
connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";create=false;user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
conn = DriverManager.getConnection(connectionURL);
Statement s = conn.createStatement();
//Setting DB to Require Authentication
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.connection.requireAuthentication', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.sqlAuthorization', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.authentication.provider', 'BUILTIN')");
//Creating owner username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+owner+"\""+"', '"+"\""+ownerp+"\""+"')");
//Creating testuser username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+user1+"\""+"', '"+"\""+user1p+"\""+"')");
//Set both owner and user as a fullAccessUsers (read/write)
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.fullAccessUsers', '"+"\""+owner+"\""+","+"\""+user1+"\""+"')");
//Setting DB to No Access for restrict unauthorized users
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.defaultConnectionMode', 'noAccess')");
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.propertiesOnly', 'false')");
s.close();
//This method shutdown the derby for take parameters.
shutDownDerby();
//This method start the Derby Network Server
startDerby();
String connectionUrl2 = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
Connection con2 = DriverManager.getConnection(connectionUrl2);
java.sql.Statement stmt2;
stmt2 = con2.createStatement();
//Creating Schema
stmt2.execute("CREATE SCHEMA TEST");
//Creating Table in TEST Schema
String query1 = "CREATE TABLE TEST.USER_INFO\n" +
"(\n" +
"USERNAME VARCHAR(80),\n" +
"INFO VARCHAR(160)\n" +
")";
stmt2.execute(query1);
//This one should GRANT permission for reach TEST.USER_INFO to testuser but NOT!
stmt2.execute("GRANT SELECT ON TABLE TEST.USER_INFO TO testuser");
String query = "SELECT USERNAME, INFO FROM TEST.USER_INFO";
ERROR 42502: User 'testuser' does not have SELECT permission on column 'USERNAME' of table 'TEST'.'USER_INFO'.
SQLException强>
String owner = "admin";
String ownerp = "admin";
String user1= "testuser";
String user1p = "testuser";
String driver = "org.apache.derby.jdbc.ClientDriver";
String connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";create=true";
Connection conn = DriverManager.getConnection(connectionURL);
Class.forName(driver);
connectionURL = "jdbc:derby://10.90.232.2:1527/myDB"+";create=false;user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
conn = DriverManager.getConnection(connectionURL);
Statement s = conn.createStatement();
//Setting DB to Require Authentication
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.connection.requireAuthentication', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.sqlAuthorization', 'true')");
//Setting DB to SQL Authorization
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.authentication.provider', 'BUILTIN')");
//Creating owner username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+owner+"\""+"', '"+"\""+ownerp+"\""+"')");
//Creating testuser username and password
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.user."+"\""+user1+"\""+"', '"+"\""+user1p+"\""+"')");
//Set both owner and user as a fullAccessUsers (read/write)
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.fullAccessUsers', '"+"\""+owner+"\""+","+"\""+user1+"\""+"')");
//Setting DB to No Access for restrict unauthorized users
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.defaultConnectionMode', 'noAccess')");
s.executeUpdate("CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(" +
"'derby.database.propertiesOnly', 'false')");
s.close();
//This method shutdown the derby for take parameters.
shutDownDerby();
//This method start the Derby Network Server
startDerby();
String connectionUrl2 = "jdbc:derby://10.90.232.2:1527/myDB"+";user="+"\""+owner+"\""+";password="+"\""+ownerp+"\""+";";
Connection con2 = DriverManager.getConnection(connectionUrl2);
java.sql.Statement stmt2;
stmt2 = con2.createStatement();
//Creating Schema
stmt2.execute("CREATE SCHEMA TEST");
//Creating Table in TEST Schema
String query1 = "CREATE TABLE TEST.USER_INFO\n" +
"(\n" +
"USERNAME VARCHAR(80),\n" +
"INFO VARCHAR(160)\n" +
")";
stmt2.execute(query1);
//This one should GRANT permission for reach TEST.USER_INFO to testuser but NOT!
stmt2.execute("GRANT SELECT ON TABLE TEST.USER_INFO TO testuser");
String query = "SELECT USERNAME, INFO FROM TEST.USER_INFO";
ERROR 42502: User 'testuser' does not have SELECT permission on column 'USERNAME' of table 'TEST'.'USER_INFO'.
如果我使用DB Owner连接到DB,请成功选择语句return
resultset
。我不明白GRANT
语句中缺少了什么。简单地说,这是一个问题,因为根据规范,SQL标识符应该折叠为大写。因此,如果没有双引号,testuser
将变成testuser
,这并不限于Derby。Oracle、FirebirdDB和其他公司也遵循同样的行为(顺便说一句,PostgreSQL折叠成小写,MySQL保留大小写,所以这可能是造成混淆的部分原因)
在支持SQL的数据库中,案例折叠是一个特别麻烦的领域,因为实际上很少有人喜欢标准的强制行为(正如PostgreSQL团队所说,这是无法挽回的破坏),因此项目可以在几乎没有人喜欢的行为和非标准的行为之间进行选择。这是一个区分大小写的问题吗?您是否确实将select授予TESTUSER,但您是作为TESTUSER连接到数据库的?尝试执行另一个grant语句,确保在引号中指定testuser,这样您将授予全小写testuser:“grant select on test.user_info to“testuser””Bryan再次保存我谢谢:)我真的不习惯Derby中的这种区分大小写的方法。如果您还记得,我在
connectionURL
中对用户名提出了类似的要求。无论如何stmt2.execute(“将SELECT ON TABLE TEST.USER\u信息授予”+“\”“+user1+”\”)代码>工作正常。你可以写作为答案。