| Subject | Account security for running reports |
|---|---|
| Author | Myles Wakeham |
| Post date | 2010-02-10T15:30:17Z |
I posted to the Firebird-tools list a more detailed question
specifically regarding setting up a 'reporting user' account on Firebird
for Crystal Reports, only to later work out that the problem I am
encountering is more of a general security/grant issue with FB, so I
think the more appropriate place to post the question is here.
I need to create a user account with FB 1.5 super server that can run
reports in a 'read/only' state. I'm using IBExpert to administer
privileges however I can also do this through generic SQL.
I have created a 'reports' user account, but no matter what I seem to do
with privileges, I'm getting an error with 3rd party reporting tools
stating that they cannot see the tables. However they run the reports
created for this user just fine, and show the data correctly. It would
seem that the errors I am getting has something to do with the inability
of any 3rd party reporting program through the Firebird ODBC driver v2
(the open source one) to read the schema of the database for the
reporting user. Yet if I run the report as SYSDBA on the database, it
works without issue.
What is the statement I should be using to grant privileges to an
account for the database, so that the account can fully see the metadata
of the database, yet has read/only access to the tables in the database?
Is there a particular trick required to set this up so that ODBC users
can run reports with 3rd party reporting tools without a bunch of error
dialogs popping up all the time?
Thanks in advance for any comments, suggestions or sharing of your
experiences in doing this sort of thing.
Myles
--
-----------------------------
Myles Wakeham
Director of Engineering
Tech Solutions USA, Inc.
Scottsdale, Arizona USA
www.techsolusa.com
Phone +1-480-451-7440
specifically regarding setting up a 'reporting user' account on Firebird
for Crystal Reports, only to later work out that the problem I am
encountering is more of a general security/grant issue with FB, so I
think the more appropriate place to post the question is here.
I need to create a user account with FB 1.5 super server that can run
reports in a 'read/only' state. I'm using IBExpert to administer
privileges however I can also do this through generic SQL.
I have created a 'reports' user account, but no matter what I seem to do
with privileges, I'm getting an error with 3rd party reporting tools
stating that they cannot see the tables. However they run the reports
created for this user just fine, and show the data correctly. It would
seem that the errors I am getting has something to do with the inability
of any 3rd party reporting program through the Firebird ODBC driver v2
(the open source one) to read the schema of the database for the
reporting user. Yet if I run the report as SYSDBA on the database, it
works without issue.
What is the statement I should be using to grant privileges to an
account for the database, so that the account can fully see the metadata
of the database, yet has read/only access to the tables in the database?
Is there a particular trick required to set this up so that ODBC users
can run reports with 3rd party reporting tools without a bunch of error
dialogs popping up all the time?
Thanks in advance for any comments, suggestions or sharing of your
experiences in doing this sort of thing.
Myles
--
-----------------------------
Myles Wakeham
Director of Engineering
Tech Solutions USA, Inc.
Scottsdale, Arizona USA
www.techsolusa.com
Phone +1-480-451-7440