Hi, I 'm new to DB2 (from Oracle background) and have some fundamental
question.
In Oracle, you create user account "within the database" to let user to
logon to the database. There is no tie between the unix account (or other
operating system) and the oracle user account - you can logon to the server
machine dose not mean you can logon to the database implicitly.
However, I notice that there is no account creation in DB2 v8 UDB server.
1. So am I correct to say that everyone has an valid Unix (or any O/S)
account in the DB2 server machine will be able to connect to database
(authentication =SERVER)?
2. What if I only want few unix user be able to logon to the database to do
their job ? In other word, how do I restrict the implicit authentication
(based on the O/S) to only few user ?
Looks like my concept with oracle does not apply to DB2. Hope someone can
help. Thanks
Tom
4  3600 
DB2 does not have internal authentication ... authentication is provided
by the OS. But authorization IS provided by DB2 (as it is with other
rdmses). So once you are authenticated by the OS and by DB2, you must
use the internal authorization facilities of DB2 to grant access for
that user to objects, packages, etc.
Answers below.
cmc wrote: Hi, I 'm new to DB2 (from Oracle background) and have some fundamental
question.
In Oracle, you create user account "within the database" to let user to
logon to the database. There is no tie between the unix account (or other
operating system) and the oracle user account - you can logon to the server
machine dose not mean you can logon to the database implicitly.
However, I notice that there is no account creation in DB2 v8 UDB server.
1. So am I correct to say that everyone has an valid Unix (or any O/S)
account in the DB2 server machine will be able to connect to database
(authentication =SERVER)?
No. You must either have a priviledge to connect.
2. What if I only want few unix user be able to logon to the database to do
their job ? In other word, how do I restrict the implicit authentication
(based on the O/S) to only few user ?
There is no implicit authorization for "normal" users. If they are
sysadmin, that is a different story. But for just plain old users, they
must be given the right priviledge in DB2. See the GRANT command.
Looks like my concept with oracle does not apply to DB2. Hope someone can
help. Thanks
Tom
Larry Edelstein
Larry wrote: DB2 does not have internal authentication ... authentication is provided
by the OS. But authorization IS provided by DB2 (as it is with other
rdmses). So once you are authenticated by the OS and by DB2, you must
use the internal authorization facilities of DB2 to grant access for
that user to objects, packages, etc.
The basic, underlying idea in DB2 is to not have two instances that are
responsible for authentication (OS and DBMS). To further support that
approach you can implement your own user exit that does the authentication
in whichever way you like.
--
Knut Stolze
Information Integration
IBM Germany / University of Jena
I assume the first point refer to central User Authentication management.
But not quite understand the second point. Can you further elaborate ?
Do you mean application developer can use USER Exit to call the
authentication API to the OS (or the API facility like LDAP) ?
Thanks
Tom
"Knut Stolze" <st****@de.ibm. com> wrote in message
news:d3******** **@fsuj29.rz.un i-jena.de... Larry wrote:
DB2 does not have internal authentication ... authentication is provided
by the OS. But authorization IS provided by DB2 (as it is with other
rdmses). So once you are authenticated by the OS and by DB2, you must
use the internal authorization facilities of DB2 to grant access for
that user to objects, packages, etc.
The basic, underlying idea in DB2 is to not have two instances that are
responsible for authentication (OS and DBMS). To further support that
approach you can implement your own user exit that does the authentication
in whichever way you like.
--
Knut Stolze
Information Integration
IBM Germany / University of Jena
cmc wrote: I assume the first point refer to central User Authentication management.
But not quite understand the second point. Can you further elaborate ?
Do you mean application developer can use USER Exit to call the
authentication API to the OS (or the API facility like LDAP) ?
Thanks
Tom
"Knut Stolze" <st****@de.ibm. com> wrote in message
news:d3******** **@fsuj29.rz.un i-jena.de...
Larry wrote:
DB2 does not have internal authentication ... authentication is provided
by the OS. But authorization IS provided by DB2 (as it is with other
rdmses). So once you are authenticated by the OS and by DB2, you must
use the internal authorization facilities of DB2 to grant access for
that user to objects, packages, etc.
The basic, underlying idea in DB2 is to not have two instances that are
responsible for authentication (OS and DBMS). To further support that
approach you can implement your own user exit that does the authentication
in whichever way you like.
--
Knut Stolze
Information Integration
IBM Germany / University of Jena
Not the app-developer, but the DBA can set it up.
Search for "Security Plugin" in Information Center
Cheers
Serge
--
Serge Rielau
DB2 SQL Compiler Development
IBM Toronto Lab This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: \Old Code Dude\ |
last post by:
Hi,
I have installed a ILS.
Installed MYSQL
Installed PHP on my XP PRO PC.
I want to test and develop a webshop local.
BUT...I got the PHP and ILS working.
The SQL im not sure about.
When I load the OSCommers webshop it lockes in step two (The SQL db
|
by: cmc |
last post by:
I need some clarification to help me understand the DB2 strucure more.
The questions are about "implicit schema"
1. This is a very interest concpet that DB2 let every user to create new
schema (as this is part of the PUBLIC group privilege - if I am not wrong).
From a practical stand point, what is the application of such concept.
2. Suprisingly, if the schema is an implicitly created, everyone else can
create objects in it too. What...
|
by: DotNet |
last post by:
I'm trying to construct a header user control and would like to pass an
integer to the control in order to display the correct on state for a menu.
How does one pass an integer from an .aspx page to an .ascx page when the
page loads?
Thanks.
|
by: EMW |
last post by:
I have managed to create a page with some buttons on it.
I want to create some little animation to those buttons, like just after the
page is opened in IE, the user sees the buttons move from a corner to a
specific position... (i now it's lame, but...)
If I open the text part of the ASPX file, I see the page class and the
Page_Load event.
But how can I start a procedure that will move those buttons, after the
page has loaded?
|
by: Danny Ni |
last post by:
Hi,
I have one user control named Schedule.ascx, I want to create another
control which is quite similar to schedule.ascx but differs in some methods
and some UI elements, the way I am doing it right now, I save schedule.ascx
as another name, say schedule2.ascx then I go to code behind and chane the
class name and the methods I like to change. Also modify the UI on ascx
file.
This is working. But there is a problem, evertime I change...
| | |
by: Jake Peters |
last post by:
I'd like to know how to get a users various table
privilages from a sql server (insert/delete/update), so
that i can set controls to behave accordingly (read only,
hidden, disable "insert" button, etc). I'm sure it can't
be too difficult, but I've been having a hard time finding
any revelant information when doing searches.
I know sql can just throw back an exception to let the user
know, but my goal is to make custom controls that get...
|
by: Martin Arvidsson, Visual Systems AB |
last post by:
Hi!
I have a couple of newbee questions.
I have a .aspx page with a couple of TextBoxes and a submit button.
Now...
When i press the submitbutton i want the data in the TextBoxes to be saved
in my Sql Table.
|
by: gimme_this_gimme_that |
last post by:
Hello fellow DB2ers!
I have a new DB2 Express-C (version 9.5) installation running on Vista
Business.
I'm able to create new databases using the "create db dbname" command.
I'm setting out to configure my DB2 installation so I can establish
connections from a web application.
|
by: gimme_this_gimme_that |
last post by:
1. What is the syntax to create a node when the server is running on
the local machine?
Does one still use the word remote?
catalog tcpip node webi remote localhost server 50000
2. If I execute "db2 get dbm cfg c:/output.txt" and grep output.txt
on SVCENAME I see this:
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
