User Guide : 12. Managing Permissions and Viewing Properties : Grantees
 
Share this page                  
Grantees
You can grant access to various objects by using authorization identifiers, or grantees. The following grantees are listed from highest to lowest precedence, which determines the permissions enforced for a session if a particular permission is defined for more than one grantee associated with a session.
Role
Roles simplify access to the database by associating subject rights and permissions with an application. You can create roles with the option of an additional password (see General Page (Role)), externally authenticated.
For more information, see Create a Role.
User
For each valid Ingres user, a user object must be created in the Ingres master database iidbdb. The user object specifies the user name, default group, default profile, subject rights, and other attributes.
For more information, see Create a New User.
Group
Groups simplify the managing of permissions because individual users can be added or removed from groups as required. Being a member of a group does not automatically give the user the permissions granted to the group. The user must have the group specified as its default group or specify the group name in the session startup.
For more information, see Create a New Group.
Public
Granting permissions on object to PUBLIC allows any user, group, or role access to those objects. The use of grants to PUBLIC should be limited.