Authorization

For a complete syntax description of the SQL statements for authorization, see Authorization in the SQL reference manual. Find out about the user concept of the database system (Users, Authentication and Authorizations).

The database administrator (SYSDBA user) is created when a database instance is created. The database system administrator can generate additional database users, including database administrators. All database administrators can create database users and grant privileges. This enables you to control data access for each individual user.

Below are just a few examples of key SQL statements for authorization.

Prerequisites

You require the demo data for the SQL Tutorial.

Start the query tool SQL Studio as database administrator MONA with password RED and log on to the demo database instance DEMODB.

Examples of Database Users

If the DEMODB database was created with the default values, the database system administrator has the name DBADMIN and password SECRET.

The database user MONA was created with the following CREATE USER statement:

CREATE USER mona PASSWORD red DBA NOT EXCLUSIVE

?     The name of the database user (MONA) is specified after the keywords CREATE USER and the password (RED) after the keyword PASSWORD.

?     The user class DBA (Database Administrator) is defined for the database user MONA.

?     NOT EXCLUSIVE specifies that the database administrator MONA is permitted to open several database sessions at the same time.

In the DEMODB database instance, the HOTEL schema belongs to database user MONA. The HOTEL schema contains the tables CITY, CUSTOMER, HOTEL, ROOM, RESERVATION as well other database objects created by database administrator MONA, if any: indexes, database procedures, view tables, etc.

Examples

Database Users and Their Privileges

Roles