Enterprise Manager Java App: Database - Permissions and Roles Tabs
In BBj 13.0 and higher, the Enterprise Manager Java app has been superseded by a new browser Enterprise Manager and Eclipse plug-in. See Enterprise Manager - Database: Permissions and Enterprise Manager - Database: Security.
Security is, or should be, a major consideration for any database administrator. Depending on the requirements of each company, this could be as simple as requiring a user name and password to connect to the system, or as complex as different permissions for different types of SQL operations on various objects in the database for each individual user. Standard permissions have been available in BBj® since version 1.0. These permissions give the administrator the ability to assign read-only or read/write access to an entire database. However, standard permissions did not permit assigning different permissions to different objects (tables, views, etc) in the database – it is all or nothing. While this is very easy to manage, it limits the control that the administrator has over access to sensitive data. This in turn could limit the ability for users to have easy desktop data query access to subsets of the company production database. Workarounds are possible but they require far more maintenance and structuring of the database by the database administrator.
BBj 11.0 and higher provides a complete feature set for managing user permissions in a powerful new feature called “Object Level Permissions.” This new feature will, for many customers, unlock meaningful desktop data query access to corporate data for all the users within a company with appropriate restrictions that are easy to structure and maintain.
For an in-depth look at permissions and roles, see The BASIS International Advantage article DB Security That You Have Always Dreamed About.
Permissions
Use the Permissions Tab to configure database level permissions for users of the systems. Choose from two permission types: standard and object level (available in BBj 11.0 and higher).
Standard permissions allows the administrator to assign read only or read/write access to an entire database. There is no way to assign different permissions to different objects (tables, views, etc) in the database. This is very easy to manage, but limits the control that the administrator has over access to sensitive data.
Object level permissions (new in BBj 11.0 and higher) allows the administrator to assign different permissions to different users or groups of users, on different objects in the database. “Objects” in a database refers to tables, views, and stored procedures.
See Database Permissions for complete details.
Roles
Use the Roles Tab to configure database level roles for users of the systems. This tab shows a list of roles currently defined for the database. These roles are specific to only the database for which they are
defined. To view the members of a role, simply select the role from the list.
