I have a question regarding password protection to a table I created when I developed my database using Open Office.
I want to know how can I make a single table as password protected?
eg,
I have a database named Data
I created a table named Data-table
How can I provide a password protection on this table in open office?
In any database, access permissions are granted to specific database users. So in the initial OpenOffice Base connection setup you need to choose a specific user. (If you do not choose a specific user, the default is the SA account which has rights to all tables.)
To grant access, you need to execute a GRANT statement for that user. Examples using mysql are given at http://dev.mysql.com/doc/refman/5.7/en/grant.html:
GRANT ALL ON db1.table1 TO 'jeffrey'#'localhost';
If you are using the default HSQLDB engine with both the client and database in a single file, then in order to connect as a specific user, I think you need to convert it to a more powerful client/server setup.
To do this, you can either unzip the .odb file and extract the HSQLDB files (see here), or copy the data into a mysql database or other database of your choice. Once the data is in a separate database, it should not be hard to do what you are asking.
Related
I'm using the mosquitto service
I add the user to the users list in the file to authentication users when user subscribe to broker
Now if the number of users in this file is more than 100,000
Will it bring a heavy burden to the mosquitto?
My users may be more than a million user
Also i try to restrict users to self topic so i have to add topic name and username to ACL
So acl file is heavy
How do i manager all users authentication and acl without any problem
For that many users a flat file is a REALLY bad idea, even if the data is converted into a easily searched data structure it will be a real problem to find users in the files to edit/remove.
This is exactly what the authentication plugin interface is for.
You can write your own using the API or JPMens has written a plugin that lets you keep the Username/Password and ACL in a selection of different databases (e.g. MySQL, Postgress, MongoDB, Redis...) .
We have a client who are using Oracle EBS. They would like to build some API to retrieve the data from Oracle EBS database through JDBC directly, and read the data through the API and insert into another database for another mobile application. Do we need to buy another Oracle EBS name user license? Or we just need to buy one Oracle database user license.
Why I asked this, because in SAP world, it seems directly access database will need per access name user license. Not sure, it is the same in Oracle EBS.
Please advice, and correct me if anything wrong.
Best regards,
You should have them talk to their sales rep. Generally, the Oracle database is licenced on a CPU basis (not named user basis). But there are certain technology features that may only be licensed for EBS use.
It sounds like you are using a different user to access data, which is the correct approach from a security perspective. Make sure that that database user has only the database privileges required to extract the data the application requires (least privs).
Is it possible to secure the neo4j browser so users can only execute specific queries? I would like to provide generally open access to the browser, but not allow users to delete.
Neo4j 3.1.x security features include role based permissions. As a browser user must log in with a username and password, it is also subject to this security model.
The authentication and authorization section of the Neo4j operations guide should be helpful to you. The section describing native roles already available to you gives a good visual of what is allowed per role.
It sounds like the reader native role is the one that would make sense for browser users, as deletion requires write permissions.
Finer grained permissions are possible, but based entirely upon user defined procedures, so nowhere near as simple as using the provided native roles and permissions.
However, if certain users should only be able to run a limited set of well-defined queries, then custom roles and user defined procedures should do the trick.
I have a web application (ASP.NET MVC) which uses Azure Blob Storage for storing documents and images. Each user has specific access rights to the blobs and this
is stored in web application's database.
Currently I have a quick temporary solution which uses the web application as a middle layer that runs the authorization and if the client has read access to the blob,
it is first retrieved from Azure and then delivered to the client. This is of course not the optimal way of doing it for many reasons.
I have started to rebuild this part using SAS (Shared Access Signatures), but can't find a good source for setting up a system that will scale well as the number of
users and files grow. I am expecting the number of users to be around 100 and the number of blobs to be around 100 000.
As I see it I have two options.
1) All files have one signature stored in the web applications database and this is used for all users who have access to the file. This would be the easy way to do it,
but if a user for some reason does not still have access to the file, they will still be able to access the file if they have the link from earlier access.
2) All files have specific signatures for each user who has access to the file. This will make it easy to revoke access to files, but the number of signatures will
be massive and will this have any side effects?
Are there any more options?
Any thoughts on this are greatly appreciated!
Rather than having SAS for each users it would be better that you group the files by roles and map the users to roles which is easy to scale irrelevant to number of users.
Also giving access to users to blob directly is not recommended as you want to distribute your blob content through your application. So provide access to application with specific in context of role of user.
See below article for generating twominute SAS which expires in two minute so your users with the link does not have access to image for long time.
http://www.dotnetcurry.com/windows-azure/901/protect-azure-blob-storage-shared-access-signature
Hope this helps. :)
I am trying to restrict access to files in a directory and it's sub directories based user rights. My user rights are stored in an MS SQL database in a custom format, however it is easy to query the list of users with rights to this directory.
I need to know how to apply this to a web config on the server to authenticate against a query of a database table to determine if the username is authenticated and allowed to view the file. Of course if they are not they should be blocked / given a 404.
I am using IIS and ASP.Net MVC3 with a form based security as opposed to the built in roles and responsibilities that was custom made for us and that works great. There are over 10k users tied to this non-Active Directory authentication so I am not planning to change my authentication type so please don't go there.
It is not my decision on the choice of platform, or I would have gone with a LAMP server and been done with this.
Edit 11-13-2012 # 8:57a:
In the web config can you put the result of an SQL query?
I have answered something similarly in the past (uploading and accessing files), but the principles still apply in providing access to file system level files.
in asp.net-mvc, is there a good library or pattern to follow when saving users content (images, files, etc)