For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.
Database users and privileges
At run time, the MobileFirst Server applications in the application server use data sources as resources to obtain connection to relational databases. The data source needs a user with certain privileges to access the database.
We need to configure a data source for each MobileFirst Server application that is deployed to the application server to have the access to the relational database. The data source requires a user with specific privileges to access the database. The number of users that you need to create depends on the installation procedure used to deploy MobileFirst Server applications to the application server.
- Installation with the Server Configuration Tool
- The same user is used for all components (MobileFirst Server administration service, MobileFirst Server configuration service, MobileFirst Server push service, and MobileFirst runtime)
- Installation with Ant tasks
- The sample Ant files that are provided in the product distribution use the same user for all components. However, it is possible to modify the Ant files to have different users:
- The same user for the administration service and the configuration service as they cannot be installed separately with Ant tasks.
- A different user for the runtime
- A different user for the push service.
- Manual installation
- It is possible to assign a different data source, and thus a different user, to each of the MobileFirst Server components.
At run time, the users must have the following privileges on the tables and sequences of their data:
- SELECT TABLE
- INSERT TABLE
- UPDATE TABLE
- DELETE TABLE
- SELECT SEQUENCE
If the tables are not created manually before you run the installation with Ant Tasks or the Server Configuration Tool, ensure that you have a user that is able to create the tables. It also needs the following privileges:
- CREATE INDEX
- CREATE SEQUENCE
- CREATE TABLE
For an upgrade of the product, it needs these additional privileges:
- ALTER TABLE
- CREATE VIEW
- DROP INDEX
- DROP SEQUENCE
- DROP TABLE
- DROP VIEW
Parent topic: Relational databases