XDB Servers are shipped with security turned off to allow you unlimited access to the system. You can continue to operate without security indefinitely, if desired, even in a multiuser environment.
In a multiuser environment, if security is on at the server, then all users must have security on at their individual workstations. After security is turned on, each user or process must log in with a valid AuthID (a "user ID"). If the AuthID has a defined and required password, the password must be entered as well. When the user attempts to access a table, the server also verifies that the user has privileges to that table, which were set up using the GRANT and REVOKE commands. Only someone with super user privileges can establish AuthIDs and passwords.
Super Users
Each XDB Server is shipped with one super user called INSTALL. A super user is the only user who can:
You can create other super users at your discretion using the SQLWizard Users command on the Admin menu. (Windows) or by executing the CREATE USER SQL command in the Interactive SQL Utility (UNIX). (The SQL GRANT and REVOKE commands cannot be used for assigning super user privileges.)
The syntax for CREATE USER is as follows:
CREATE USER username TYPE [ USER | SUPERUSER ] PASSWORD password REQUIRED [ YES | NO ] option_list
where option_list is defined as:
SECONDARY ID authid GROUP group_list PRIORITY priority ACCESS AUTHORITY [ YES | NO ] COMMENT quoted-string
Requirements for XDB passwords can be controlled on an XDB user basis. ACCESS AUTHORITY set to NO completely disables an XDB user id. The SECONDARY ID, GROUPS, and PRIORITY concepts are all discussed in greater detail in the section System Level Access Control.
Super user privileges should be limited to a few trusted users with database administration expertise.
location-name.authid.object-name.
ALTER PASSWORD old_password TO new_password