Products that are distributed over networks, either intranets or the Internet, are vulnerable to compromise of inter-component communications – this is why EPX uses features that include secure communication protocols to provide security for identification, authentication, confidentiality, and integrity.
EPX identifies and authenticates users attempting to log in using a user ID and password, and runs in the following modes:
No encryption or authentication
Server authentication only with SSL encryption
Dual authentication with SSL (thin, thick, and API clients)
The security that you set for a group does not override the security set for users within the group; security is cumulative. Also, if a user is a member of multiple groups, the user will be able to access an object as long as one of the groups (or the user) allows access to that object.
This chapter assumes a general understanding of SQL-92 security.