solidDB Help : solidDB reference : SQL: Statements : ALTER USER : ALTER USER (replica and master)
  
ALTER USER (replica and master)
Note Applies to only solidDB Advanced Replication configurations.
ALTER USER replica‑user SET MASTER master‑name USER user‑specification
ALTER USER username SET {PUBLIC | PRIVATE}
where:
user‑specification ::= {master‑user IDENTIFIED BY master‑password | NONE}
Access requirements
ALTER USER .. SET MASTER: User with SYS_SYNC_ADMIN_ROLE authority.
ALTER USER .. SET {PUBLIC | PRIVATE}: User with DBA or SYS_SYNC_ADMIN_ROLE authority.
Usage
Use the ALTER USER ... SET MASTER statement (in the replica database only) to map the replica user id to the specified master user id. Note that it is always the replica user id that is mapped to the master user id and not the other way round.
The mapping of user ids is used for implementing security in a multi-master or multi-tier synchronization environment. In such environments, it is difficult to maintain the same user name and passwords in separate, geographically-dispersed databases.
If NONE is specified, the mapping is removed.
All replica databases are responsible for subscribing to the SYNC_CONFIG system publication to update user information. Public master user names and passwords are downloaded to a replica database during this process by using the MESSAGE APPEND SYNC_CONFIG statement. By mapping a replica user id with a master user id, the system determines the currently active master user, based on the local user id that is logged to the replica database. If during SYNC_CONFIG loading the system does not detect a mapping, it determines the currently active master user by looking for the same user id and password in the master database as is used in the replica database.
For more details on using mapping for security, see Implementing security through access rights and roles.
Use the ALTER USER ... SET PUBLIC or SET PRIVATE (in the master database only) to limit the master user accounts that are downloaded to the replica database during SYNC_CONFIG loading.
The default is PUBLIC. If the PRIVATE option is set for a user, the information for that user is not included in a SYNC_CONFIG subscription, even if they are specified in a SYNC_CONFIG request.
For example, for security reasons, administrators might want to ensure that the passwords for administration accounts are never downloaded to a replica database.
Return codes
 
Error code
Description
13047
No privilege for operation
13060
User name user not found
25020
Database is not a master database
25062
User user‑id is not mapped to master user‑id
25063
User user‑id is already mapped to master user‑id
Examples
The following statement maps the replica user id, SMITH_1, to a master user id, DBA, with the password DBA.
ALTER USER SMITH_1 SET MASTER MASTER_1 USER DBA IDENTIFIED BY DBA
The following statement sets the status of the user admin1 in the master database to PRIVATE, which means that the user account of admin1 should not be downloaded to any replica.
ALTER USER admin1 SET PRIVATE;
The following statement sets the status of the user salesman in the master database to PUBLIC, which means that the user account of salesman should be downloaded to all replicas.
ALTER USER salesman SET PUBLIC;
Go up to
ALTER USER