Database security
You can use the Database Properties and Login
Properties windows to control the level of security for the Rational®
DOORS® database.
For access to the Database Properties and Login Properties windows, see Configuring the Rational DOORS database.
You can set these security controls in the Database Properties window:
- On the General tab, set the minimum and maximum client
versions that are allowed to connect to your database.Note: These restrictions do not apply to the Rational DOORS database server administration tool, which is installed with the client.
You can set these security controls in the Login Properties window:
- On the General tab, select Disable user logins to stop all users except database managers from logging in to the database.
- On the Policy tab, set whether users must type a password to log in. If you want users to type a password, you can set more password rules on the Passwords tab. This field is read-only if you are using the Rational Directory Server for user authentication.
- Set whether system user names can be used to log in. You must log in as the
administrator user to set this option. If a system user name is not defined for
the administrator user, you cannot set this option.
To define a system user name for the administrator user account:
- Click Tools > Options.
- Click the General tab.
- Type your system user name.
- Click OK.
Note: This field is read-only if you are using Rational Directory Server. - On the Failures tab:
- Set the number of times a user can attempt to log in before the login window closes. The number must be in the range 0 - 10. 0 means that there is no limit. The default is 4. The user name is never disabled, and the user can run Rational DOORS again and attempt to log in again. This field is not displayed if your system is using the Rational Directory Server for user authentication.
- Set the number of times a user can attempt to log in before their user account is disabled. For example, if this value is 3, users are allowed three attempts to enter the correct password and log in before their account is disabled. If you never want user accounts to be disabled, enter 0 (zero) in this field. The default is 20, which is the maximum value that you can enter. This field is not displayed if your system is using the Rational Directory Server for user authentication.
- Specify the users who receive an email when there is a failed login
attempt, and the text that is included in that email. Note: If a user session times out, and the maximum attempts for a session or for a user is reached, the user is not able to log in. For information about how to unlock the user, see Checking which users are connected to the database server.
- The fields that are read-only are set in other parts of the system, and are displayed for information only. For information about the read-only fields, see the related topics.