468,257 Members | 1,419 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,257 developers. It's quick & easy.

GSS security plugin issues

Hello all,
I have been trying to develop a security plugin for DB2 V8.2 using the GSS APIs. I have a library of GSS APIs implemented by a third party which I am using in my plugin. This plugin is now using the users and groups which belong to the active directory which are accessed by the GSS APIs. My DB2 database is installed in RH enterprise linux 3.0 platform. However I am facing the following issues in the plugin:

1. The server principal name which is mentioned in the db2secServerAuthPluginInit function, is the name of the machine where the DB2 server is running or the name of the server where the KDC lies or the name of the administrative user? Is it safe if I donot specify any credentials for the server at the time of server plugin initialization? I may do that in the subsequent calls in case this is required.

2. Some random logs are created in the db2dump folder like: 34663007166976.000 c3449.000 c3466.000 db2eventlog.000.crash t3449.000 t3466.000. Some of these logs are in binary and I am unable to make out anything from these. Also the database instance just stops abruptly in between. Some times I get the error as

DB21034E The command was processed as an SQL statement because it was not a
valid Command Line Processor command. During SQL processing it returned:
SQL1224N A database agent could not be started to service a request, or was
terminated as a result of a database system shutdown or a force command.

but in certain cases I donot get any error message.

3. I am also developing a corresponding group plugin and as per my understanding, the group plugin also takes into consideration the currently deployed authentication plugin type (GSS or userid/password). However, even when I have deployed the GSS plugin, the tokenType parameter which is passed to the GetGroupsForUser function is not DB2SEC_GSSAPI_CTX_HANDLE, as is actually expected to be.

Thanks a lot to all of you in advance to go through this list of queries so patiently.

Best regards,
May 3 '06 #1
0 1237

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

12 posts views Thread by Angelos Karantzalis | last post: by
2 posts views Thread by Jesper | last post: by
1 post views Thread by Tom Purdom | last post: by
2 posts views Thread by srinivas | last post: by
reply views Thread by Zeya | last post: by
1 post views Thread by =?Utf-8?B?TWFyaw==?= | last post: by
reply views Thread by kermitthefrogpy | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.