Scalable Database Server, HiRDB Version 8 Description

[Contents][Glossary][Index][Back][Next]

2.3.3 Capabilities provided by the Directory Server linkage facility

Organization of this subsection
(1) Using a directory server to centrally manage HiRDB user information
(2) Granting table access privileges to a role

(1) Using a directory server to centrally manage HiRDB user information

You can use a directory server to centrally manage user information used by HiRDB (such as authorization identifiers and passwords). You can also use a directory server for user authentication when users connect to HiRDB.

Hint
  • If you use the Directory Server linkage facility, you do not need to assign the CONNECT privilege to each user individually.
  • Each HiRDB authorization identifier is registered as a user ID on the directory server. Once registered, a user is assigned the CONNECT privilege.
  • The password corresponding to each HiRDB authorization identifier is registered on the directory server.
Reference note
The DBA, audit, schema definition, RDAREA usage, and table access privileges are managed by HiRDB.

Figure 2-5 provides an overview of using the Directory Server linkage facility to perform user authentication.

Figure 2-5 Overview of using the Directory Server linkage facility to perform user authentication (Sun Java System Directory Server linkage facility)

[Figure]

Explanation
When a user attempts to connect to HiRDB (using CONNECT), Sun Java System Directory Server performs user authentication. If the user ID and password are registered in Sun Java System Directory Server, connection to HiRDB (CONNECT) is permitted.

(2) Granting table access privileges to a role

The concept of roles is supported in a Sun Java System Directory Server. You can register organizations, departments, and other personnel groupings as a single role in a directory server. You can then grant table access privileges to that role, which enables all users belonging to that role to be granted table access privileges. In other words, you can manage table access privileges by role. Figure 2-6 shows granting of table access privilege by role.

To grant table access privileges to a role, you must use the name of a role to which a filter is applied by Sun Java System Directory Server.

Figure 2-6 Granting of table access privilege to a role

[Figure]

Explanation
Once the table owner grants the table access privilege to the Management Division role, all users of the Management Division are able to access that table.

[Contents][Back][Next]

[Trademarks]

All Rights Reserved. Copyright (C) 2007, Hitachi, Ltd.