SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-20-2008, 08:42 AM
| ||||
| ||||
 RE: IDS 10 Can't we already achieve this same functionality in previous versions of IDS? Leave out the word default and that is how roles already work - activated at the session level. So what is the improvement or change? -----Original Message----- From: owner-informix-list@iiug.org [mailto  wner-informix-list@iiug.org]On Behalf Of david@smooth1.co.ukSent: Monday, July 04, 2005 4:38 PM To: informix-list@iiug.org Subject: Re: IDS 10 The new default role in IDS 10 is applied to a user at connection time. It is at the session level not the database level. You need to "grant default role dave to <user>;" I've just done this against IDS 10.00.TC1TL on Windows XP:- In a dbaccess session as user djw; create database djw; database djw; create table a ( b int); revoke all on a from public; grant connect to o2; in a separate dbaccess session:- Connection-> Connect -> select database server input user name o2 and password select database djw select * from a # ^ # 272: No SELECT permission. # In the first dbaccess session:- create role dave; grant select on a to dave; grant default role dave to o2; In the second dbaccess session Connection-> Connect -> select database server input user name o2 and password select database djw select * from a; b 1 In first dbaccess session:- revoke default role from o2 In second dbaccess session:- select * from a; b 1 NOTE: User has not reconnected so they retain select privilege since their sessions still has that role as it's current role. However reconnect and:- Connection-> Connect -> select database server input user name o2 and password select database djw select * from a # ^ # 272: No SELECT permission. # sending to informix-list      |
|
04-20-2008, 08:42 AM
| ||||
| ||||
| Re: IDS 10 Campbell, John (GE Consumer Finance) wrote: > Can't we already achieve this same functionality in previous versions > of IDS? Leave out the word default and that is how roles already work - > activated at the session level. So what is the improvement or change? (a) Please avoid top-posting. (b) No you can't achieve this functionality in earlier versions of IDS. In XPS you could, through the sysdbopen (spelling?) procedure. (c) When you establish a connection to a database prior to v10.00, there is no role active until something triggered by the application sets a role. (d) By contrast, if a default role is established in IDS 10.00, when the user connects, that default role will be active until something the application does changes the role. > -----Original Message----- > From: owner-informix-list@iiug.org > [mailto wner-informix-list@iiug.org]On Behalf Of david@smooth1.co.uk> Sent: Monday, July 04, 2005 4:38 PM > To: informix-list@iiug.org > Subject: Re: IDS 10 > > > > The new default role in IDS 10 is applied to a user at connection time. > It is at the session level not the database level. > > You need to "grant default role dave to <user>;" > > I've just done this against IDS 10.00.TC1TL on Windows XP:- > > > In a dbaccess session as user djw; > > create database djw; > database djw; > create table a ( b int); > revoke all on a from public; > grant connect to o2; > > in a separate dbaccess session:- > > Connection-> Connect -> select database server > input user name o2 and password > select database djw > > select * from a > # ^ > # 272: No SELECT permission. > # > > In the first dbaccess session:- > > create role dave; > grant select on a to dave; > grant default role dave to o2; > > In the second dbaccess session > > Connection-> Connect -> select database server > input user name o2 and password > select database djw > > select * from a; > > b > > 1 > > In first dbaccess session:- > > revoke default role from o2 > > In second dbaccess session:- > > select * from a; > > > b > > 1 > > NOTE: User has not reconnected so they retain select privilege since > their > sessions still has that role as it's current role. However reconnect > and:- > > Connection-> Connect -> select database server > input user name o2 and password > select database djw > > select * from a > # ^ > # 272: No SELECT permission. > # > > > sending to informix-list -- Jonathan Leffler #include <disclaimer.h> Email: jleffler@earthlink.net, jleffler@us.ibm.com Guardian of DBD::Informix v2005.01 -- http://dbi.perl.org/ |
 |
« loader log
|
Re: Display Array »
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 03:43 AM.
