Schemas, Database Users, and Security Domains

To access a database, a user must run a database application (such as an Oracle Forms form, SQL*Plus, or a Precompiler program) and connect using a username defined in the database.

When a database user is created, a corresponding schema of the same name is created for the user. By default, once a user connects to a database, the user has access to all objects contained in the corresponding schema. A user is associated only with the schema of the same name; therefore, the terms user and schema are similar.

The access rights of a user are controlled by the different settings of the user's security domain. When creating a new database user or altering an existing one, the security administrator must make several decisions concerning a user's security domain. These include

• whether user authentication information is maintained by the database, the operating system, or a network authentication service

• settings for the user's default and temporary tablespaces

• a list, if any, of tablespaces accessible to the user and the associated quotas for each listed tablespace

• the user's resource limit profile; that is, limits that dictate the amount of system resources available to the user

• the privileges and roles that provide the user with appropriate access to objects needed to perform database operations

Note: The information in this chapter applies to all user-defined database users. It does not apply to the special database users SYS and SYSTEM. Settings for these users' security domains should never be altered. For more information about these special database users, see the Oracle7 Server Administrator's Guide.