By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,334 Members | 1,266 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,334 IT Pros & Developers. It's quick & easy.

v8.1 authentication question

P: n/a
aj
DB2 WSE 8.1 FP 5
Red Hat Linux AS 2.1

I have the DB2 development client installed on my Win2000 PC,
and have catalogued a remote node & database on my PC.

My DB2 server across the n/w has the following DBM CFG settings:
Database manager authentication (AUTHENTICATION) = SERVER
Cataloging allowed without authority (CATALOG_NOAUTH) = NO
Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
Trust all clients (TRUST_ALLCLNTS) = YES
Bypass federated authentication (FED_NOAUTH) = YES

Using the CLP on my PC, as long as I specify a valid username and
ANY password, I can successfully connect to that remote database.
In other words:
db2 => connect to <db> user <validuser> using <ANY OLD THING>
connects just fine.

Why is this? My DB server has AUTHENTICATION=SERVER, so TRUST_CLNTAUTH
and TRUST_ALLCLNTS should be completely ignored. Why can I connect
using a valid username and **any** bogus password?

I don't believe I was able to do this under v7 - has authentication
behavior changed under v8? Isn't it true that client authentication
settings can never override server authentication settings?

Any help appreciated.

aj
Nov 12 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.