The need to create records in the _user table for SQL users (and therefore for ABL users as well) can be avoided in the following ways:
- The database creator will always have DBA permissions, so this user can be used for SQL connections without needing to add to the _user table. Any password can be used when connecting as the database creator in this way; the password is not checked. See article "Basic Guide to Defining Progress SQL-92 Database Permissions & Security".
- An implicit SQL user can be created in the database, which does not need a password. To create a SQL user implicitly, assign permissions to a user that does not exist in the _user table. For example:
GRANT DBA TO user1
The above essentially creates a new SQL user "user1" without creating a record in _user. The database can now be accessed by user1 in the same way as the database creator account, with the "user1" user name and any password.
Implicit users can be granted restricted access by granting or revoking specific privileges to specific tables, rather than full DBA rights. For example:
GRANT SELECT ON pub.Customer to user2;
user2 can connect to the database but can only query the Customer table.