Subject Why can I login into a db with a role I have never been granted?
Author meier3342 <>

I created a database with some roles and users. There is an
"administrator" role and a "katja" user never granted access to this
role. Why can I log into that database (isql/jaybird) specifying a)
the database I want to log into (URL), b) the username (katja) and
password, and c) the role (administrator)??? Is this a bug?

It bugs me, at least: In my java program I check the validity of the
db-connection details by "test-connecting" to the database at program
startup. In the above scenario my test falsely succeeds; no exception
is thrown at me when openening the connection. The exception occurs
when accessing db-objects I am not allowed to access (likewise isql
complains)... which happens where/when my program did not assume that
to happen.