Troy J. Kelley (Migrated from SEC-925) said:
The current impl of this class works great – I would like to avoid writing my own custom strategy wherever possible. The JavaDocs for BasicLookupStrategy state that it’s not design for extension which I understand.
It would be great, however, if a property could be set in the bean config that would allow the referenced tables in the SQL to be qualified by a schema. Projects often run into such requirements based on the conventions used by a DBA group. In our particular case, we’re using DB2 and the ACL tables are being created in a schema that is not the default schema.
Ross Duncan said:
Could this be expanded to allow injecting the entire sql query? In some cases the names of the tables involved may not conform to an inhouse policy. Why not allow the entire sql query to be injected as happens in other areas of the security framework?
Luke Taylor said:
I guess this should be possible. It would require a select clause, the two where clauses and the “order by”.
All the beans which make use of the schema should be reviewed as part of this issue
I've added setters for all the SQL which is used by the JDBC implementation, which should solve these issues.