HP 3000 Manuals HP 3000 Manuals
About Turbo CONNECT Security
Turbo CONNECT enforces TurboIMAGE/XL database security. That is, Turbo
CONNECT users can access only the data defined for them in the
TurboIMAGE/XL database schema.
To accomplish this, during an attach only the DBC is defined as a Turbo
CONNECT user. This user has access to all the mapped tables in the
database. The DBC must explicitly add all other Turbo CONNECT users by
associating each password with a DBEUser_ID. A view is then created for
each mapped table to which the DBEUser_ID has access. This view is based
on information in the TurboIMAGE/XL root file and permits user classes to
see the data defined for them in the TurboIMAGE/XL schema. Users,
including user class 0, must know the names of the views to which they
have access.
ATCUtil security can be modified only by someone who is both the DBC and
a DBA of the respective database management systems.
Controlling Turbo CONNECT User Access
Turbo CONNECT takes the following steps to control users' access to
TurboIMAGE/XL data (see Figure 3-4):
* When a Turbo CONNECT user is added, Turbo CONNECT creates an
ALLBASE/SQL authorization group. The name of this group is based on
the user class of the password named in the ADD USER command. The
naming convention for this group is OwnerName_UserClass#. The new
DBEUserID (User@Account) is then added to this group.
One view is then created for each data set the user class is
allowed to access. The naming convention for these views is
OwnerName.MappedTableName_VUserClass#.
If data is not password-protected, user class 0 is assumed and views
of this data are created for user class 0.
* When a Turbo CONNECT user is deleted, the DBEUserID is removed from
the ALLBASE/SQL group associated with the TurboIMAGE/XL user class.
Note that the group itself and the corresponding views remain in the
DBEnvironment because other user-created views may be based on these
views.
* When the database is detached, all views based on mapped tables,
including user-created views, are dropped.
![[FINAL5]](../../pic3k/M010132/FINAL5.gif)
Figure 3-4. Turbo CONNECT security mapping
Turbo CONNECT Data Type Mapping
Turbo CONNECT maps all TurboIMAGE/XL data types to the closest equivalent
ALLBASE/SQL data types. Sometimes completely compatible choices are not
available, or more than one viable alternative exists. In these cases,
Turbo CONNECT chooses default data types for you, but also provides
alternate data type mapping that you can select if it more closely meets
your particular needs.
Note that when alternate data type mapping is selected, all user-created
views containing the mapped data type are dropped. Therefore, it is
advisable to perform alternate data type mapping before users have had
the opportunity to create views.
For specific information about Turbo CONNECT default data type mapping
and alternate choices, refer to Table 2-5 in chapter 2 (task 4).
At Run Time
At run time, ALLBASE/SQL turns all mapped table queries over to Turbo
CONNECT. Using the mapping information in the ATCINFO file, Turbo CONNECT
makes the appropriate TurboIMAGE/XL calls, retrieves the data from the
TurboIMAGE/XL database, and returns the data to ALLBASE/SQL in the
correct ALLBASE/SQL format. (See Figure 3-5.)
![[FIG6]](../../pic3k/M010132/FIG6.gif)
Figure 3-5. Turbo CONNECT at Run Time
Note that the data is retrieved from the TurboIMAGE/XL database. Only
the mapped table definitions actually reside in the DBEnvironment.