|
|
|
|
|
|
CREATE IDENT
Creates a
GROUP,OS_USER,PROGRAMorUSER(authorization-identity) ident.Usage
Embedded/Interactive/ODBC/JDBC.
Description
A new ident is created. If the ident is a
USER,OS_USERorPROGRAMident, a schema with the same name as the ident can also be created. A schema is created by default and whenWITH SCHEMAis explicitly specified.If the ident is a
USERorPROGRAMident, a password must be specified.If the ident is an
OS_USER, a password can be optionally specified.
USERidents are authorized to access a Mimer SQL database by using theCONNECTstatement. In interactive contexts, e.g. when Mimer BSQL is started, aUSERident is used to log in.
OS_USERidents are a special type ofUSERident which can be used to connect or log in a more automatic way. Once the connection has been established, anOS_USERident will access the database as aUSERident.If the
CONNECTstatement is used without specifying an ident name (or if<return>is pressed at the username prompt when logging into Mimer BSQL), the connect attempt uses the name of the operating system user id. In this case, the connection process will automatically attempt to use anOS_USERident with that name. If an OS_USER ident exists in the database with that name, a connection is established without any password verification.The same is true if the ident name specified in the
CONNECTstatement (or at the user name prompt in BSQL) is the same as the name of the current operating system user id and anOS_USERident exists in the database with that name.If an
OS_USERident is created with a password, it can be used as if it were aUSERident in situations where the operating system user id does not match theOS_USERident name.
PROGRAMidents cannot be used to connect to a database. After a connection has been established (by using aUSERorOS_USERident), theENTERstatement can used to make aPROGRAMident the current ident. The access rights to the database defined for thePROGRAMident will thus come into effect.The ident executing the
ENTERstatement must haveEXECUTEprivilege on thePROGRAMident (theENTERstatement can be executed by aPROGRAMident).The ident that executed the
ENTERstatement will become the current ident again after theLEAVEstatement has been executed.
GROUPidents cannot be used to connect to a database. They are used to implement collective authorization of access rights to the database. Other idents become members of aGROUPident whenMEMBERprivilege on theGROUPident is granted to them.While an ident is a member of a
GROUPident, that ident is effectively granted the privileges held by theGROUPident.For a more detailed description of idents, see the Mimer SQL Programmer's Manual, Idents and Privileges.
Restrictions
CREATE IDENTrequires that the current ident haveIDENTprivilege.The ident must not have the same name as an ident that already exists in the database.
Notes
All letters in
OS_USERnames are treated as uppercase in Mimer SQL, regardless of operating system conventions. See SQL Identifiers for more information on naming objects.The creator of a
GROUPident is automatically grantedMEMBERprivilege on it, with theWITH GRANT OPTION.The creator of a
PROGRAMident is automatically grantedEXECUTEprivilege on it, with theWITH GRANT OPTION.Ident passwords must be at least 1 and at most 18 characters long and may contain any characters except space. The case of alphabetic characters is significant. The password string must be enclosed in string delimiters, which are not stored as part of the password.
An ident who is authorized to created new idents (by having
IDENTprivilege) can also create new schemas.Example
CREATE IDENT mimer_adm AS USER USING 'admin';For more information, see the Mimer SQL User's Manual, Creating Idents and Schemas.
Standard Compliance
 Mimer Information Technology AB Voice: +46 18 780 92 00 Fax: +46 18 780 92 40 info@mimer.se |
|
|
|
|
|
|
