by
MarVic
Table of contents:
Using SecurityLib
with Access databases
Lost SecurityLib’s Admin password or account
This document describes the SecurityLib MS Access database, which is included in SecurityLib package.
There are two version of database. The one in MS Access 97 format is called Security.mdb, and the one in MS Access 2000 format is called Security2000.mdb. You have to have this application to be able to change password of Supervisor, which is currently blank, and a read/wrote password. Unfortunately, in cannot be done via SQL.
Using SecurityLib with Access databases
MS Access databases can be accessed by SecurityLib in many different ways. Both BDE and ADO can support it, either directly, or through ODBC.
To use Access databases with ODBC you have to create a User or System DSN pointing to the database. It should be done in setup program of your application. You have to choose a name for DSN, which will be used when adding a security object. You should set the path pointing to the database file. Also you should set the system database path to file security.mdw, which is included in the package.
Currently there is no possibility to use Access databases directly from SecurityLib. You have to use either BDE or ADO. Soon DB provider for ODBC will be released.
If you want to access the database through ODBC, nothing is to be done in BDE Administrator application. Else, you have to create an alias for database. You should choose MS Access driver, and enter appropriate information (including system database).
Now, when adding new security, you should pass the name of alias, read-only user and its password. If you are accessing the database directly, you should use RecordsetStoredProcs=0 and BDESQLParams=1 options in DBPData string. Also it is advised to use cached updates mode. More information can be found in BDE Provider documentation.
If you are using ODBC, no additional options are needed, but also cached updates mode is preferred.
The first thing you do is to construct a connection string. You can use system constructor, which can be accessed from TADOConnection component. You should choose proper provider whether you use direct or ODBC access.
It is advised to use LocalCursor=1 option and BatchUpdates=1 option, but they are on by default.
The information about users and passwords is stored in file security.mdw. You should create a new security.mdw file for your application or delete existing accounts and create three new ones: one for read-only access, one for read-write, and a supervisor account to be able to modify the settings. Administrator should have no access to the database. The read-only password is public, only read-write and Supervisor passwords are private. You should keep them written somewhere. Also you should remember the keys you used to create accounts. You may want to create a separate system database for each consumer you sell your application.
After completing above functions, you should use PasswdSetter application to update data about these accounts stored in SecurityLib database.
Lost SecurityLib’s Admin password or account
In case you loose SecurityLib’s Admin password or accidentally remove his account you can modify the Access database manually. To do that, you have to have Access application, you have to log in as a Supervisor. If you want to remove Admin’s password, open Users table, find administrator’s records, and set the password field to empty string.
To add an account with ModifyAll right, you have to add new record to Users table and enter needed data (including GroupID and Password (empty string)). Then you have to open ModGroups table, and enter new record having both GroupID and ModGroupID fields set to GroupID of new user, and Type set to 2.
“SecurityLib info” Basic information and introduction.
“User’s Manual” Information for users of programs based on SecurityLib.
“SecurityLib Administrator Manual” Information for administrators.
“Interface and programming guide” Information for programmers.
www.marvic.prv.pl/securitylib/ SecurityLib website.
MS Access, Windows are trademarks of Microsoft Corp.
All other trademarks are owned by their respective owners and were used only in information purposes.