Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » ElevateDB Technical Support » Support Forums » ElevateDB General » View Thread |
Messages 11 to 20 of 24 total |
How to handle a 'Passwords' table |
Fri, Feb 1 2013 12:27 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Adam,
<< In EDB, I'm a little stuck on how best to achieve this. I notice an option to 'Encrypt Table On Disk', but there's no option anywhere to actually specify the password. >> The encryption password is controlled via the TEDBEngine.EncryptionPassword property, and all encryption in the engine (disk/comms) is handled using the same password. The general idea is that the purpose is for encryption, not for user security. EDB has its own complete user security model for that, which DBISAM lacked: http://www.elevatesoft.com/manual?action=viewtopic&id=edb2sql&topic=User_Security If you have any other questions, please let me know. Tim Young Elevate Software www.elevatesoft.com |
Fri, Feb 1 2013 12:31 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Uli,
<< I talked about that with Tim quite often and asked him to simplify that - at the moment it seems that he has not the time to change something. >> I've got this logged. At the moment I'm re-doing the entire EDB reverse-engineering so that it is dependency-aware, and have been working on this for the last few weeks. The problem that I've got now with EDB is that most of the remaining issues/enhancements are the most difficult problems to solve and are absolute time-killers, so I'm working through them as fast as possible. Tim Young Elevate Software www.elevatesoft.com |
Fri, Feb 1 2013 1:42 PM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Tim
>The problem that I've got now with EDB is that >most of the remaining issues/enhancements are the most difficult problems to >solve and are absolute time-killers, and doesn't it get frustrating working for ages before you see anything happening? Roy Lambert |
Sat, Feb 2 2013 4:31 AM | Permanent Link |
Uli Becker | Roy,
> I haven't tried that. Have you? If you're right its something that would be easy enough to do programmatically. Yes, I did that before. In addition I tried it again with a small sample database just before posting here. Uli |
Sat, Feb 2 2013 5:48 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Uli
>Yes, I did that before. In addition I tried it again with a small sample >database just before posting here. Brill. I've added your post to the tips. Roy Lambert |
Sat, Feb 2 2013 7:03 AM | Permanent Link |
Uli Becker | Tim,
> The problem that I've got now > with EDB is that most of the remaining issues/enhancements are the most > difficult problems to solve and are absolute time-killers, so I'm > working through them as fast as possible. I see, no problem. Don't feel pushed, please. Regards Uli |
Mon, Feb 4 2013 5:21 PM | Permanent Link |
Adam H. | Hi Tim,
> The encryption password is controlled via the > TEDBEngine.EncryptionPassword property, and all encryption in the engine > (disk/comms) is handled using the same password. The general idea is > that the purpose is for encryption, not for user security. EDB has its > own complete user security model for that, which DBISAM lacked: > > http://www.elevatesoft.com/manual?action=viewtopic&id=edb2sql&topic=User_Security Thanks very much for that. The User_Security in EDB may be different to the user security that I'm chasing. Yours seems to be more related to database functions (as I'd expect). What I'm wanting to do is have a table that stores a list of staff members, and what roles they're allowed to do. (In many cases not database related). Such as which reports they can access, controlling external switches, what areas of the program they can and can't access, etc). I think the encryption will work fine for what I'm wanting to do. (Effectively encrypt a table called 'staff' that contain their username, a password, and the areas of the application that they have rights to). The roles in EDB do look quite interesting though, and may be useful down the track to ensure that only certain users have access to certain tables within the system depending on 'roles'. Cheers Adam. |
Mon, Feb 4 2013 5:21 PM | Permanent Link |
Adam H. | Uli,
> To change the password, this should work: > > Note that the password is stored in the edbmgr ini-file like Roy already > mentioned. > Use the config-file only for your encrypted database. > > 1. Disable the encryption of all tables. > 2. Delete the config-file. > 3. Create a new session (thus a new config-file), but do NOT open it. > 4. Edit the edmgr ini-file and change the password(s) to the desired > value(s). > 5. Open the session. > 6. Create a new database and connect it to the folder that contains your > (unencrypted) tables. > 7. Encrypt the tables again. Thanks very much! I like to know that I've got an 'out'. (I made a small mistake of once using the Signature in DBISam and now want to remove it, but it doesn't look like I can do it efficiently - as the table includes BLOB's that can't be reversed engineered using SQL). Handy to know what you've posted. Thank you! Cheers Adam |
Mon, Feb 4 2013 5:21 PM | Permanent Link |
Adam H. | Hi Roy,
>> In regards to encryption - would I be fine in simply setting a password >> for both my application, and also EDB Manager to the same. (Like >> 'myPassword' and have it global for all my applications.) >> >> I figure this way it would allow me to view, but only me (or the >> application), and get around anyone else who downloads EDBManager? > > It will as long as no one else guesses the encryption password. Remember this has to be given to the engine/session in your app so it will have to be stored somewhere (the sneakier the better). I'm guessing this is the more similar to DBISam then, in that it's fine unless someone also guesses the table's password. Thanks for taking the time out to help me (one again) Roy. Cheers Adam |
Tue, Feb 5 2013 4:19 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Adam
I think the type of access control that's built into ElevateDB is really intended for those databases where multiple different applications not all necessarily under the control of the same developer can access it. When you have that you pretty much need to bake some sort of control into the database. Desktop apps (even when shared) are generally under the control of a single developer and hence don't benefit as much from this approach. Just one persons view. Roy Lambert |
« Previous Page | Page 2 of 3 | Next Page » |
Jump to Page: 1 2 3 |
This web page was last updated on Tuesday, May 7, 2024 at 06:25 PM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |