Mimer SQL Documentation TOC PREV NEXT INDEX

Mimer SQL Developer Site


Idents


An ident is an authorization-id used to identify users, programs and groups. There are three types of idents in a Mimer SQL database: USER, PROGRAM, and GROUP idents.

USER Idents

USER idents identify individual users who can connect to a Mimer SQL database. USER idents are generally associated with specific physical individuals who are authorized to use the system.

A USER's access to the database objects is restricted by the specific privileges granted to the ident.

A USER ident is usually protected by a password. For a USER ident it is also possible to add one or several OS_USER logins which allows the user currently logged in to the operating system to access the Mimer SQL database without providing a password.

For example: if there is a USER ident ALBERT defined in Mimer SQL that has an OS_USER login ALBERT, then the operating system user ALBERT may start Mimer BSQL (for example) and connect directly to Mimer SQL simply by pressing <return> at the Username: prompt.

However, if the USER ident ALBERT defined in Mimer SQL has an OS_USER login HERBERT, then the operating system user HERBERT may start Mimer BSQL and connect directly to Mimer SQL by entering HERBERT at the Username: prompt and simply pressing <return> at the PASSWORD: prompt.

PROGRAM Idents

PROGRAM idents can be used for effective administration of access rights and authorization control.

PROGRAM idents do not strictly connect to Mimer SQL, but they may be entered by an ident by using the ENTER statement. (The ENTER statement may only be used by an ident who is already connected to a Mimer SQL database.)

An ident is granted the privilege to enter a PROGRAM ident. A PROGRAM ident is set up to have certain privileges and these apply after the ENTER statement has been used. PROGRAM idents are generally associated with specific functions within the system, rather than with physical individuals.

When a PROGRAM ident is entered, any privileges granted to that ident become current and privileges belonging to the previous ident (i.e. the ident issuing the ENTER statement) are suspended.

PROGRAM idents are disconnected with the LEAVE statement.

GROUP Idents

GROUP idents are collective identities used to define groups of user and/or program idents.

Any privileges granted to or revoked from a GROUP ident automatically apply to all members of the group. Any ident can be a member of as many groups as required, and a group can include any number of members.

GROUP idents provide a facility for organizing the privilege structure in the database system. All idents are automatically members of the group PUBLIC. When a privilege is granted to PUBLIC, all users receive the privilege.


Mimer
Mimer Information Technology AB
Voice: +46 18 780 92 00
Fax: +46 18 780 92 40
info@mimer.se
Mimer SQL Documentation TOC PREV NEXT INDEX