Security Manager

This tool provides an easy interface to manipulate users, roles and their privileges.

The window consists of three parts. First the toolbar on top, to the left is a list of all the users and roles. Finally to the left is a tabbed window containing the different settings and privileges you can manipulate for the chosen user.

Toolbar

The commands in the toolbar are from left to right.

Refresh Update the user and role list to the left of the screen.
Save changes Perform any changes made to the current user or role.
Remove Drop the user or role currently selected. If the user still owns objects a question will be asked about also removing these objects or abort the drop.
New user Start defining a new user.
New role Start defining a new role.
Copy Copy the current user or role to a new name.
SQL Display the SQL that will be used to apply the current changes in a memo editor.
Change connection Change the connection to administrate security for.

You select the role you want to work on simply by pressing it in the left pane or any of the new user, new role or copy buttons to start defining a new one.

Defining a user

There are five tabs available when defining a user or four when doing the same for a role.

General Used for setting the name, authentication, default tablespaces etc. for the new user. For more information about this see the Oracle SQL Reference.
Roles Which roles are granted to the user or role. For more information about defining privileges see the section below.
System privileges Which system privileges this user or role should have. For more information about defining privileges see the section below.
Object privileges Which privileges this user or role should have on specific schema objects. For more information about defining privileges see the section below.
Quota Define the quota for the user, this tab is not available for roles. For more information about defining quotas see the section below.

Defining privileges

All roles, system or object privileges are defined using basically the same interface.

This list contains a tree view with first the schema, then the type, the object and finally the actual privilege to define. In the system or role tabs, the privileges are in the root of the list. If you open the privilege you will find an additional admin item which if checked will give the user or role the ability to grant the privilege on to other users or roles. In the role case you also have another child item to the privilege which is default. If default is checked the role will be enabled by default when the user logs in. When you start a new user all checked items will be made visible by expanding the parent items.

Defining quota

You define quotas using the following interface.

To change a quota simply select the tablespace and specify the new quota using the radio buttons at the end of the screen. If value is selected you can specify a value using the size control at the bottom.