In this example, you
use the MODIFY statement to apply passwords to physical tables that
were added to the library through a host copy command. The following
code applies passwords to any unsecured physical tables in the secdemo
library and binds those tables to metadata (creating corresponding
secured table objects).
libname secdemo 'path';
proc authlib library=secdemo;
modify pw=secret;
run;
Here are some details
about the preceding code:
-
The preceding code does not include
the SECUREDFOLDER and SECUREDLIBRARY parameters. It is not necessary
to use these parameters, because the physical directory of the specified
library (secdemo) contains information that references a particular
metadata folder and secured library object.
-
The preceding code affects the
physical library and all of the tables that it contains. If you don’t
want to affect the library, set the TABLESONLY option. If you want
to affect only some of the tables, add a TABLES statement after the
MODIFY statement. If you use one or more TABLES statements after a
MODIFY statement, only the specified tables are processed.
Note: In this example, all of the
copied tables are initially unsecured. If any of the copied tables
were already secured, with a different password, those tables would
not be affected by the preceding code.
-
The preceding code does not explicitly
supply connection information for the metadata server. This example
assumes that your SAS session already knows how to connect to the
target metadata server.
CAUTION:
If you
lose the password (or passwords) for a metadata-bound library, you
can't unbind the library or change its passwords.
Be sure to keep track
of passwords that you assign in the CREATE and MODIFY statements of
the AUTHLIB procedure.
Tip
This code creates a new secured
table object in metadata. Whenever you create new secured library
or secured table objects, you should review the permissions on those
objects in SAS Management Console. You can adjust access if needed.
For example, you can add users or groups to a secured table’s
Authorization tab,
and grant (or deny) the Select permission (to manage Read access to
the data).