Server User List
The <users> configuration element lists the users who are allowed to access the ObjectDB Server and specifies their settings (username, password, permissions, and quota).
The default configuration file contains the following <users> element:
<users> <user username="admin" password="admin" ip="127.0.0.1" admin="true"> <dir path="/" permissions="access,modify,create,delete" /> </user> <user username="$default" password="$$$###"> <dir path="/$user/" permissions="access|modify|create|delete"> <quota directories="5" files="20" disk-space="5mb" /> </dir> </user> <user username="user1" password="user1" /> </users>
The <user> elements
<user username="admin" password="admin" ip="127.0.0.1" admin="true">
...
</user>
<user username="$default" password="$$$###">
...
</user>
<user username="user1" password="user1" />Each user is represented by a single <user> element:
- The required
usernameandpasswordattributes specify a username and a password that must be provided when the user connects to the server. - The optional
ipattribute, if specified, allows the user to connect to the server only from the specified IP addresses. For example,"127.0.0.1"(the local computer) restricts the user to the computer on which the server is running.
You can specify multiple IP addresses in a comma-separated list and use a hyphen (-) to specify a range. For example, a value of"192.18.0.0-192.18.194.255,127.0.0.1"allows connections from any IP address in the range192.18.0.0-192.18.194.255and from127.0.0.1. - The
adminattribute, with a value oftrueorfalse, specifies whether the user is a superuser. A superuser can manage server settings using the ObjectDB Explorer.
A username value of "$default" defines a virtual master user. Other user definitions automatically inherit the settings from this master definition. However, the master user itself cannot be used to connect to the database.
The <dir> element
<dir path="/" permissions="access,modify,create,delete" />
<dir path="/$user/" permissions="access|modify|create|delete">
<quota directories="5" files="20" disk-space="5mb" />
</dir>Each <user> element can contain one or more <dir> subelements that specify which paths under the server's data directory the user can access:
- The required
pathattribute specifies a directory path relative to the root data directory. Permission to access a directory includes permission to access its entire subdirectory tree. Therefore, a path of"/"grants permission to access any directory within the data directory.$useris a variable that represents the user's username. When specified for the master user ("$default"), each user definition interprets$useras its own username. This makes it easy to allocate a private directory for each user. - The required
permissionsattribute specifies which database file permissions are granted.
The comma-separated string value can contain the following permissions:access: Permission to open a database for reading.modify: Permission to modify the contents of a database.create: Permission to create new subdirectories and database files.delete: Permission to delete subdirectories and database files.
If no permissions are specified, the user can still view the directory's contents in the Explorer but cannot open database files or modify anything.
The <quota> element
<quota directories="5" files="20" disk-space="5mb" />Each <dir> element can contain an optional <quota> subelement that specifies restrictions on the directory's contents:
- The
directoriesattribute specifies the maximum number of subdirectories allowed in that directory. This count includes nested subdirectories. - The
filesattribute specifies the maximum number of database files the directory can contain. - The
disk-spaceattribute specifies the maximum disk space for all files in that directory.