Online Documentation for SQL Manager for InterBase/Firebird
Security management
Security for InterBase/Firebird relies on a central security database for each server host. This database contains a record for each legitimate user who has permission to connect to databases and services on that host. Each record includes the user login name and the associated encrypted password. The entries in this security database apply to all databases on the server host.
InterBase/Firebird manages database access permissions using the concept of users:
- SYSDBA (a special user account that can bypass normal SQL security and perform tasks such as database backups and shutdowns; this is the only authorized user initially; the default password for the user is masterkey);
- other users (other users on a per-server basis created by SYSDBA).
Embedded Database User Authentication is supported by InterBase 7.5 and later versions of InterBase.
Embedded User Authentication stores user name / password accounts in the database. This overrides the server-wide security database for user authentication. Only the database owner is allowed to administer embedded user authentication against a database. A normal user may alter the password for their user account.
Note: There are issues related to database backup/restore performed under embedded users. For details refer to the official InterBase documentation.
InterBase/Firebird implements features for assigning SQL privileges to groups of users. SQL roles are implemented on a per-database basis, and the implementation includes the following:
- a role is declared;
- privileges on database objects are assigned to the role with the help of Grant Manager;
- role members are defined;
- the role name is specified on the Connection page of the Database Registration Info dialog.
A user can belong to only one role per connection to the database and cannot change role while connected. To change role, the user must disconnect and reconnect, specifying a different role name.
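The same four steps expressed as SQL, followed by two queries against the system tables for auditing what a role grants and who holds it. This is an added example, not taken from the product documentation; it assumes Firebird syntax, and the role, table, user and database path names (SALES_READER, CUSTOMERS, ORDERS, ALICE, server:/data/sales.fdb) are hypothetical.

```sql
-- Added example; SALES_READER, CUSTOMERS, ORDERS and ALICE are hypothetical names.
-- Run steps 1-3 as the database owner or SYSDBA.

-- 1. Declare the role (roles exist per database, not per server).
CREATE ROLE SALES_READER;

-- 2. Assign privileges on database objects to the role, granting only
--    what the members actually need.
GRANT SELECT ON CUSTOMERS TO SALES_READER;
GRANT SELECT, INSERT ON ORDERS TO SALES_READER;

-- 3. Define the role members.
GRANT SALES_READER TO ALICE;

COMMIT;

-- 4. The role takes effect only when it is named at connect time.
--    In isql (path and password are placeholders):
-- CONNECT 'server:/data/sales.fdb' USER 'ALICE' PASSWORD '<password>' ROLE 'SALES_READER';

-- Check which identity and role the current connection is using.
-- CURRENT_ROLE returns NONE when no role was specified at connect.
SELECT CURRENT_USER, CURRENT_ROLE FROM RDB$DATABASE;

-- Audit: privileges granted to the role, per object.
-- RDB$PRIVILEGE codes: S = SELECT, I = INSERT, U = UPDATE, D = DELETE,
-- R = REFERENCES, X = EXECUTE.
SELECT RDB$RELATION_NAME, RDB$PRIVILEGE, RDB$GRANT_OPTION
FROM RDB$USER_PRIVILEGES
WHERE RDB$USER = 'SALES_READER'
ORDER BY RDB$RELATION_NAME, RDB$PRIVILEGE;

-- Audit: members of the role (membership is stored with privilege code M).
SELECT RDB$USER AS MEMBER, RDB$GRANTOR
FROM RDB$USER_PRIVILEGES
WHERE RDB$RELATION_NAME = 'SALES_READER'
  AND RDB$PRIVILEGE = 'M';

-- Remove a member or a privilege when it is no longer needed.
REVOKE SALES_READER FROM ALICE;
REVOKE INSERT ON ORDERS FROM SALES_READER;
COMMIT;
```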
SQL Manager for InterBase/Firebird provides tools for efficient management of InterBase/Firebird users and SQL roles:
- User Manager: a tool for managing InterBase/Firebird server users;
- User Editor: a tool for editing InterBase/Firebird server users;
- Role Manager: a tool for managing InterBase/Firebird database roles;
- Members of Role dialog: a tool for defining InterBase/Firebird database role members;
- Grant Manager: allows you to manage grants on your InterBase/Firebird database objects.
To add a new user:
- select the Tools | User Manager main menu item or use the corresponding toolbar button to open User Manager;
- select the Add User... item from the context menu or within the Navigation bar;
- define user properties and membership using User Editor.
To edit an existing user:
- select the Tools | User Manager main menu item or use the corresponding toolbar button to open User Manager;
- right-click and select the Edit User... item from the context menu or within the Navigation bar;
- edit the user properties and membership using User Editor.
To delete a user:
- select the Tools | User Manager main menu item or use the corresponding toolbar button to open User Manager;
- right-click the user to delete and select the Delete User item from the context menu or within the Navigation bar;
- confirm the deletion in the dialog window.
To create a new role:
- select the Database | New Object... main menu item;
- select Role in the Create New Object dialog;
- define role name and confirm new role declaration in the dialog window
or
- select the Tools | Role Manager main menu item to open Role Manager;
- right-click and select the Add Role... item from the context menu or within the Navigation bar;
- define role name and confirm new role declaration in the dialog window.
Hint: To create a new role, you can also right-click the Roles node or any object within this node in the DB Explorer tree and select the New Role... item from the context menu.
To create a new role with the same properties as an existing role:
- select the Database | Duplicate Object... main menu item;
- follow the instructions of Duplicate Object Wizard.
Alternatively, you can right-click a role in the DB Explorer tree and select the Duplicate Role 'role_name'... context menu item.
Duplicate Object Wizard allows you to select the database in which to create the new role and to view the resulting SQL statement for creating the role.
To edit role members:
- select the Tools | Role Manager main menu item to open Role Manager;
- select the Edit role members item within the Navigation bar, or double-click a role in the list;
- edit the role members using the Members of Role dialog.
To delete a role:
- select the Tools | Role Manager main menu item to open Role Manager;
- right-click the role to delete and select the Delete Role item from the context menu or within the Navigation bar;
- confirm the deletion in the dialog window.
To edit privileges on database objects:
- select the Tools | Grant Manager main menu item, or use the corresponding toolbar button to open Grant Manager;
- select the object type using the drop-down list on the toolbar;
- select a user, a role, a view, a trigger, or a procedure from the Privileges for list available within the Navigation bar;
- edit the grantee's privileges using Grant Manager
or
- right-click an object in DB Explorer and select the Tasks | Grants for <object_name> item from the context menu;
- edit privileges using Grant Manager.