Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SAP Sybase SQL Anywhere 16.0 » SQL Anywhere Server - Database Administration » User and database security » User security (roles and privileges)



A user can temporarily assume the identity of another user in the database (also known as impersonation) to perform operations, provided they have a superset of the privileges of the person they are impersonating. This restriction is referred to as the at-least criteria, and it extends to administrative rights and object-level privileges as well. If a user does not have at least the same privileges and administrative rights as the user they want to impersonate, they cannot impersonate them.

You might wonder why, if a user meets and even exceeds the at-least criteria, they don't just perform the operations themselves, instead of impersonating another user to do so. The reason is that if the impersonator has more privileges than required for the task, the additional privileges can affect the output of the task. Impersonating the user who normally performs the task negates this possibility. The goal is to recreate the privileges, and potentially the database options, that are in effect for the user who is being impersonated.

The ability to impersonate another user is controlled by the SET USER system privilege. When you grant the SET USER system privilege, you can configure who the user can impersonate to be one of the following:

  • any user in the database

  • users from a specified list of users

  • users who are grantees of one or more of a specified list of roles

The at-least criteria is not evaluated at the time the SET USER system privilege is granted. Instead, it is evaluated when a user attempts to impersonate another user by executing a SETUSER statement.

While an impersonation session is in progress, any GRANT or REVOKE operations that would cause the at-least criteria to be violated are disallowed by the database server, and an error message is returned indicating the grant or revoke operation cannot proceed.

 Other notes on impersonation
 See also

In-depth look at the impersonation at-least criteria