Step 2: Restricting database user permissions

If Rule Execution Server data is stored in a database, the database administrator might require that you provide the specific permissions to access the database.

Note: This step applies when database access needs to be restricted. If you manage the database yourself (for example, you use an embedded database for test purposes) or if you do not need further restrictions, skip this step and proceed to the next configuration step.

Connection to the Rule Execution Server database, as established in the data source credentials, and any subsequent requests to the database are handled through a database user. This database user (name and password), for example resdbUser, is defined by the database administrator and has no relation to the standard Rule Execution Server groups.

The following table gives the typical list of permissions that the database administrator must define on the Rule Execution Server database, with attention given to the type of operations. Some supported databases do not require all these permissions.

Database permission Operation
Browse and edit rulesets and RuleApps Create the Rule Execution Server schema
CREATE INDEX Not required Required
DROP INDEX Not required Required
CREATE SEQUENCE Not required Required
DROP SEQUENCE Not required Required
SELECT SEQUENCE Required Not required
CREATE TABLE Not required Required
DROP TABLE Not required Required
INSERT TABLE Required Not required
SELECT TABLE Required Not required
UPDATE TABLE Required Not required
DELETE TABLE Required Not required
CREATE TRIGGER Not required Required
CREATE VIEW Not required Required
DROP VIEW Not required Required
Parent topic: Configuring Rule Execution Server on WebSphere Application Server