Database Reference
In-Depth Information
of resources or collections created by a user is that user's
primary group
. The primary
group, by default, is the first group that a user is added to, but this can be reconfig‐
ured later as the user is added to further groups.
For those wishing to operate a secure environment, it is recom‐
mended that you create your own
admin
user with a different user‐
name and place it in the
dba
group. You can then log out and log in
as your new
admin
user and disable the default
admin
user account
through the Java Admin Client's User Manager.
Groups
Table 8-2
outlines the default groups that eXist provides out of the box.
Table 8-2. Default groups
Group
name
Description
The
guest
group can be thought of as a group representing unauthenticated users. It is really present to
support the
guest
user.
guest
The database administrator (
dba
) group is all-powerful: if you are in this group, then there is nothing that
you cannot do with eXist. This is akin to the
root/toor/wheel
group in a lot of Unix systems, or the
Administrators
group in Windows systems.
dba
You should give great consideration to adding a user to the
dba
group. Often, you need only a single user in the
dba
group. It is
better to create your own
admin
groups that have more limited per‐
missions on resources in the database.
In addition, you should never attempt to delete the
guest
or
dba
groups from eXist, as they are required for the proper functioning
of the system. If you wish to prevent anonymous access to eXist,
you can disable the
guest
account, using the same method
described in the hint for the
admin
user in the previous section.
Permissions
As well as an owner user and group, each resource and collection in eXist has a per‐
missions
mode
, which is expressed in the same way in eXist as in Unix systems. The
mode is made up of three user classes:
• Owner user
• Owner group
Search WWH ::
Custom Search