About
There are four types of users in the TimesTen database:
- administrator with all privileges
- internal who authenticate against the database
- external who authenticate against the operating system
- system who are used internally by the Timesten system
A user can be changed from an internal to an external user or from an external to an internal user.
Articles Related
Type
Administrator
The instance administrator is the user who installed the TimesTen instance. This user has full privileges for everything within the TimesTen instance. You can retrieve him and the group owner with the ttversion utility.
Internal
An internal user is authenticated against the database.
You can create an internal user with the CREATE USER statement.
External
External users are authenticated by the local operating system and there is then no stored password within the database.
The external user must also be in the TimesTen users group and have the correct permissions granted to it.
When using an external user, both the client and the server must be on the same host since the operating system provides the authentication of the user.
You identify the user to the database as an external user with the IDENTIFIED EXTERNALLY clause of the CREATE USER statement.
System
There are four system users created during the TimesTen install. These system users are used internally by TimesTen as follows:
- SYSTEM for internal use,
- SYS for system objects,
- GRID for cache grid objects
- and TTREP for replication objects.
How to
Create a User
Only a user with the ADMIN privilege can create a user with a direct connection to the TimesTen database. For security reason is the client/server connection not allowed.
Example with ttIsql
[oracle@Exalytics-01 ~]$ ttIsql
Copyright (c) 1996-2011, Oracle. All rights reserved.
Type ? or "help" for help, type "exit" to quit ttIsql.
Command> connect "DSN=DI_TT_AGGR_STORE;";
Command> CREATE USER USER_NAME IDENTIFIED EXTERNALLY;
User created.
Command> GRANT CREATE SESSION TO USER_NAME;
Command> ALTER USER USER_NAME IDENTIFIED BY "myPassword";
User altered.
Command> DROP USER USER_NAME;
User dropped.
See User information
You can see what users have been created by executing a SELECT statement on the following system views:
- SYS.ALL_USERS lists all users of the database that are visible to the current user.
- SYS.USER_USERS describes the current user of the database.
- SYS.DBA_USERS describes all users of the database.
Attributes
Name
TimesTen user names are case-insensitive, of type TT_CHAR and limited to 30 characters. UNIX names are case sensitive. Windows names are not. When connecting from UNIX platforms, TimesTen automatically converts the user name to upper case, rendering it case insensitive.
Password
If you do not want to use cleartext passwords to log into TimesTen, then use the PWDCrypt attribute to create a hash of the password. The only reason to use this attribute is if the password is used for logging into other entities, such as an Oracle Database. The PWDCrypt version of the password can always be used to connect to TimesTen, but you cannot convert it back to the original password in order to connect to Oracle.
Group
Both the instance administrator and all external users must be in the OS TimesTen users group specified during the install.