The solidDB Advanced Replication security model is based on the following principles:
▪ There are two types of users: local users and master users.
▪ A local user has access rights in the replica database.
▪ A master user has access rights in the master database.
▪ For a local user to be able to perform synchronization-related tasks, the local user must be mapped to a corresponding master user in the master database.
▪ Master user access rights are used when executing a synchronization message in the master database.
▪ Both local users and master users exist in the replica database of an Advanced Replication system.
▪ Local users can perform local database operations such as execute queries, create tables, or call stored procedures based on the access rights that are defined for them.
For example, the administrator of the local database can perform any operations on the local database. However, a local user has no access to the synchronization-related statements such as the SAVE or MESSAGE statements. A local user must be mapped to a master user in order for that local user to be able to propagate transactions to the master database.
▪ Master users are users that are defined in the master database and have been downloaded to the replica database as part of the replica registration process. All synchronization operations require that a current master user is defined by mapping a local user ID to a master user ID.
Master user names and passwords are defined separately in the SYS_SYNC_USERS table (see SYS_SYNC_USERS) of each replica database, giving master users the rights to save transactions in tables in which they have authorization. User access is also verified in the master database during synchronization.
▪ Both master and local users can have synchronization-specific roles, such as a role that allows replica registration or an administrative role for synchronization functions.
For an overview of access rights requirements for each statement, see the relevant statement descriptions in SQL: Statements.