| Subject | RE: [ib-support] User Management |
|---|---|
| Author | Paul Schmidt |
| Post date | 2002-02-06T17:46:49Z |
On 6 Feb 2002, at 10:21, Richard Pendered wrote:
databases and not just a specific database), so that for example a
global SP could be used to alter certain user info, this could
actually be set by the sysadmin. So you might create a global SP
called SP$_CHANGE_USER_INFO, these SP's can bypass the
normal security by containing their own connect statement. Some
databases use global SP's to do all user management. For
security a global SP's source should only be viewable by being
connected to the database it lives in.
Since a global SP can contain a connect statement, it should be
able to pass that opened connection back to the engine, this would
allow us to implement aliases via a global SP by calling an SP.
Since it's an SP you can use grant to allow users access to it.
Paul
Paul Schmidt
Tricat Technologies
paul@...
www.tricattechnologies.com
> Seeing as people are chnaging the isc4.gdb, why not add a stored procGenerally I think that we need global SPs (sp's that belong to all
> to change a users password ? I presume that the hashing could be done
> within the sp, or via a udf (used by the sp). Rich P.
>
databases and not just a specific database), so that for example a
global SP could be used to alter certain user info, this could
actually be set by the sysadmin. So you might create a global SP
called SP$_CHANGE_USER_INFO, these SP's can bypass the
normal security by containing their own connect statement. Some
databases use global SP's to do all user management. For
security a global SP's source should only be viewable by being
connected to the database it lives in.
Since a global SP can contain a connect statement, it should be
able to pass that opened connection back to the engine, this would
allow us to implement aliases via a global SP by calling an SP.
Since it's an SP you can use grant to allow users access to it.
Paul
Paul Schmidt
Tricat Technologies
paul@...
www.tricattechnologies.com