用户权限角色.ppt

ControllingUserAccess

(控制用户访问)

ObjectivesIt`sahabit.Aftercompletingthislesson,youshouldbeabletodothefollowing:Createusers(创建用户)Createrolestoeasesetupandmaintenanceofthesecuritymodel(创建角色)UsetheGRANTandREVOKEstatementstograntandrevokeobjectprivileges(授予和回收权限)

It`sahabit.ControllingUserAccess

(控制用户概述)DatabaseadministratorUsersUsernameandpasswordPrivileges

It`sahabit.CreatingUsers(创建用户)TheDBAcreatesusersbyusingtheCREATEUSERstatement.CREATEUSERscottIDENTIFIEDBYtiger;Usercreated.CREATEUSERuser IDENTIFIEDBYpassword;

It`sahabit.UserSystemPrivileges

(用户的系统权限)Onceauseriscreated,theDBAcangrantspecificsystemprivilegestoauser.(DBA赋予用户系统权限)Anapplicationdeveloper,forexample,mayhavethefollowingsystemprivileges:(最常用的用户系统权限)CREATESESSIONCREATETABLECREATESEQUENCECREATEVIEWCREATEPROCEDUREGRANTprivilege[,privilege...] TOuser[,user|role,PUBLIC...];

It`sahabit.GrantingSystemPrivileges

(赋权限)TheDBAcangrantauserspecificsystemprivileges.GRANTcreatesession,createtable,createsequence,createviewTOscott;Grantsucceeded.

It`sahabit.WhatisaRole?

(角色的概念)AllocatingprivilegeswithoutaroleAllocatingprivilegeswitharolePrivilegesUsersManager

It`sahabit.CreatingandGrantingPrivilegestoaRole

(创建角色，赋予权限)CREATEROLEmanager;Rolecreated.GRANTcreatetable,createview TOmanager;Grantsucceeded.GRANTmanagerTODEHAAN,KOCHHAR;Grantsucceeded.Createarole(创建角色)Grantprivilegestoarole(赋予角色权限)Grantaroletousers(赋予用户角色)

It`sahabit.Object

Privilege Table View Sequence ProcedureALTER ? ?DELETE ? ?EXECUTE ?INDEX ? INSERT ? ?REFERENCES ? ?SELECT ? ? ?UPDATE ? ?ObjectPrivileges(对象权限)

It`sahabit.GrantingObjectPrivileges(例子)GrantqueryprivilegesontheEMPLOYEEStable.Grantprivilegestoupdatespecificcolumnstousersandroles.GRANTselectON