Security System Concepts

XDB Servers are shipped with security turned off to allow you unlimited access to the system. You can continue to operate without security indefinitely, if desired, even in a multi-user environment.

If you do plan to use the XDB Server security features, starting with security off gives you a flexible development environment. You can create locations, databases, and other objects, and set up the required AuthIDs (user names), passwords, groups, and privilege sets you will need for controlling user access before you turn on security.

In a multi-user environment, if security is on at the server, all users must have security on at their individual workstations. If security is off at the server, individual users can have security on, if desired, to protect against unauthorized access at the workstation.

After security is turned on, each user or process must log in with a valid AuthID. If the AuthID has a password defined and required, the password must be entered as well.

To turn server security off, a user must have a valid AuthID with appropriate privileges to be able to access the Security Option in the XDB Server Configuration utility or the Options window as appropriate.

One special AuthID, INSTALL, is created when you install the XDB Server. The INSTALL user is an XDB Server super user. If you do not turn on security, you will not need to be concerned with this special AuthID or its password.

Note:

As long as security remains off and you do not create additional AuthIDs, all objects you create will belong to the Primary AuthID indicated in your Profile (that AuthID becomes the qualifying name in the three-part object name:location-name.authid.object-name). When you install XDB Server, the default AuthID in Options is TUTORIAL. You might wish to change this AuthID if you plan to turn security on and add more users to your system at a later date.

You can change the AuthID that is used for object creator names by any of the following methods:

Alternatively, you can create several AuthIDs and grant a different privilege set to each, using these AuthIDs for different purposes. You can also create a group, which allows you to grant the same privilege set to several or many AuthIDs.

When security is on, the super user is a special user. A super user is the only one who can:

The Admin menu commands are used to assign super-user privileges. The SQL Grant and Revoke commands cannot be used for assigning super-user privileges.

On a multi-user system (or any system where security is an issue), you should assign a password to the INSTALL SUPER USER AuthID. You might wish to set up a few additional AuthIDs with super-user privileges before you turn on security. This allows you to have several other trusted users as a backup to the XDB Server Administrator.