| Subject | Re: [firebird-support] Re: Embedded users and roles |
|---|---|
| Author | Helen Borrie |
| Post date | 2004-04-12T09:30:23Z |
At 07:32 AM 12/04/2004 +0000, you wrote:
Then you grant the role to the user.
no, there's no point. You might as well just grant the permissions
directly to this user.
/heLen
>Thanks for the reply.You have to grant the permissions to the role.
>
>I have created a role called ADMIN_ROLE.
>SYSDBA (who is DB owner) does not seem to be affected by ADMIN_ROLE
>(the gdb file was created using a client-server edition).
>
>I can connect as user "foobar". But "foobar" is prevented from reading
>tables because of permission problems.
>
>Even if I state: GRANT ADMIN_ROLE TO foobar
>it has no effect.
Then you grant the role to the user.
>Thats why I could not see the point in roles for the embedded version!If you're always going to use the same username for the (mock) login, then,
no, there's no point. You might as well just grant the permissions
directly to this user.
/heLen
>Cheers
>
>-raj
>
> > No, embedded bypasses server security. You can use any user name to
>log in
> > to the embedded server, even one that doesn't exist.
> >
> >
> > >But it seems to implements roles.
> >
> > Roles are database-based.
> >
> >
> > >If I cannot create a user and grant the user the role created what it
> > >the point of implementing user_roles in embedded mode?
> >
> > Because roles are related to permissions and permissions are the
>only way
> > you can impose any sort of security.
>
>
>
>
>
>
>Yahoo! Groups Links
>
>
>
>