Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software

141

142

143

144

145

146

147

148

149

150

A Secure Login and Role Selection for Neoview Users

Overview

Other than for maintenance and support, the Neoview platform is accessible only through ODBC,

JDBC, or a client application that itself connects through ODBC or JDBC, and all clients demand

that a database user log on with database user name. Platform users log on with names that

resemble database user names but that permit access to the Neoview platform, for troubleshooting

and maintenance purposes, even when the external directory server is unavailable.

NOTE: No user may now log on to Neoview using a role name (such as ROLE.DBA) in lieu of

a user name.

As an additional security measure, ODBC and JDBC data sources are configured to time out an

idle connection by default after 10 minutes, requiring a user to log on again in order to submit

a query. Consult HP Support if you wish to change the timeout interval.

Secure Login and Multiple-Role Support in Neoview Clients

In this release, the instructions for logging on in various Neoview clients differ in several respects

from logon procedures in earlier general availability releases. In general, the documentation for

a client product describes in detail how to log on in that client. Login instructions for a few clients

are included in the README for Neoview Release 2.5. General rules for logging on to a Neoview

client are now as follows:

Logging on as a Database User

If you are a database user, provide your user name, your password, and the role you will use in

this session, for example ROLE.DBA. If you omit the role, your default role will apply.

For background pertaining to database user and role names, see “User and Role Names and

Associated Functions” (page 19). For background pertaining to database user passwords, see

“Password Security” (page 23).

Logging on as a Platform User

If you are a platform user, provide only your user name and password. A platform user has only

one role, so a specification at login is not necessary (and any role you specify will be ignored).

For background pertaining to database user and role names, see “User and Role Names and

Associated Functions” (page 19). For background pertaining to database user passwords, see

“Password Security” (page 23).

Case Sensitivity of Usernames

Usernames are case-insensitive in all Neoview clients. However, some platform-level command

interpreters used by HP Support require usernames to be presented in uppercase.

Dual Passwords for Platform and Power Users

Depending on security policies in force at your site, you might have to supply passwords not

only for yourself but also for the role you are using. (For more information about these policies,

see “Viewing and Updating the Power Role Management Policies” (page 48).) Roles that might

require you to specify both your own password and the role password are:

• ROLE.MGR

• ROLE.SECMGR

• ROLE.DBA

• SUPER.SUPER

Overview 145