Now Firebird support multiple security databases, new problems arise that could not occur with a single, global security database.Clusters of databases using the same security database are effectively separated.Mappings provide the means to achieve the same effect when multiple databases are using their own security databases.Some cases require control for limited interaction between such clusters.For example:
-
when
EXECUTE STATEMENT ON EXTERNAL DATA SOURCE
requires data exchange between clusters -
when server-wide SYSDBA access to databases is needed from other clusters, using services.
-
On Windows, due to support for Trusted User authentication: to map Windows users to a Firebird user and/or role.An example is the need for a
ROLE
granted to a Windows group to be assigned automatically to members of that group.
The single solution for all such cases is mapping the login information assigned to a user when it connects to a Firebird server to internal security objects in a database — CURRENT_USER
and CURRENT_ROLE
.