| Subject | Why can I login into a db with a role I have never been granted? |
|---|---|
| Author | meier3342 <meier3342@yahoo.de> |
| Post date | 2003-02-06T13:56:11Z |
Hi!
I created a database with some roles and users. There is an
"administrator" role and a "katja" user never granted access to this
role. Why can I log into that database (isql/jaybird) specifying a)
the database I want to log into (URL), b) the username (katja) and
password, and c) the role (administrator)??? Is this a bug?
It bugs me, at least: In my java program I check the validity of the
db-connection details by "test-connecting" to the database at program
startup. In the above scenario my test falsely succeeds; no exception
is thrown at me when openening the connection. The exception occurs
when accessing db-objects I am not allowed to access (likewise isql
complains)... which happens where/when my program did not assume that
to happen.
Regards,
Timo
I created a database with some roles and users. There is an
"administrator" role and a "katja" user never granted access to this
role. Why can I log into that database (isql/jaybird) specifying a)
the database I want to log into (URL), b) the username (katja) and
password, and c) the role (administrator)??? Is this a bug?
It bugs me, at least: In my java program I check the validity of the
db-connection details by "test-connecting" to the database at program
startup. In the above scenario my test falsely succeeds; no exception
is thrown at me when openening the connection. The exception occurs
when accessing db-objects I am not allowed to access (likewise isql
complains)... which happens where/when my program did not assume that
to happen.
Regards,
Timo