Step 2: Restricting database user permissions

If Rule Execution Server data is stored in a database, the database administrator might require you to provide the specific permissions that you need when accessing this database.

Note: This step applies when restrictions need to be implemented on the database. Skip to the next step if you are managing the database yourself, for example for test purposes using an embedded database, or do not need further restrictions.

Connection to the Rule Execution Server database, established in the data source credentials, and any subsequent requests to the database are handled through a database user. This database user (name and password), for example resdbUser, is defined by the database administrator and has no relation to the standard Rule Execution Server groups.

The following table gives the permissions that the database administrator must define on the Rule Execution Server database, with attention given to the type of operations that you want to perform:

Database permission Operation
Browse and edit rulesets/RuleApps Create the Rule Execution Server schema
CREATE ANY INDEX Not required Required
DROP ANY INDEX Not required Required
CREATE ANY SEQUENCE Not required Required
DROP ANY SEQUENCE Not required Required
SELECT ANY SEQUENCE Required Not required
CREATE ANY TABLE Not required Required
DROP ANY TABLE Not required Required
INSERT ANY TABLE Required Not required
SELECT ANY TABLE Required Not required
UPDATE ANY TABLE Required Not required
DELETE ANY TABLE Required Not required
CREATE ANY TRIGGER Not required Required
CREATE ANY VIEW Not required Required
DROP ANY VIEW Not required Required
Note: Some supported databases do not require all the above permissions.
Parent topic: Configuring Rule Execution Server on WebSphere Application Server


© Copyright IBM Corporation 1987, 2013. | Terms and conditions for information centers | Feedback

This information center is Built on Eclipse™. (www.eclipse.org)