Security System Concepts

XDB Servers are shipped with security turned off to allow you unlimited access to the system. You can continue to operate without security indefinitely, if desired, even in a multiuser environment.

In a multiuser environment, if security is on at the server, then all users must have security on at their individual workstations. After security is turned on, each user or process must log in with a valid AuthID (a "user ID"). If the AuthID has a defined and required password, the password must be entered as well. When the user attempts to access a table, the server also verifies that the user has privileges to that table, which were set up using the GRANT and REVOKE commands. Only someone with super user privileges can establish AuthIDs and passwords.

Super Users

Each XDB Server is shipped with one super user called INSTALL. A super user is the only user who can:

Create and drop locations.
Add and remove users
Edit (update) system tables.
Assign super user privileges to another user ID.

You can create other super users at your discretion using the SQLWizard Users command on the Admin menu.

Super user privileges should be limited to a few trusted users with database administration expertise.

Note: In effect, when security is off, all users are super users. As long as security remains off, the Primary AuthID indicated in your client configuration is used as the qualifying name in the three-part object name:

location-name.authid.object-name.

Note: The INSTALL user ID that is shipped with an XDB Server does not have a password assigned to it. Use the SQLWizard Users command or run the ALTER PASSWORD SQL command to assign a password to this user ID as soon as possible. The syntax for ALTER PASSWORD is as follows:

 ALTER PASSWORD old_password TO new_password