By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,756 Members | 1,749 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,756 IT Pros & Developers. It's quick & easy.

GSS security plugin issues

P: 3
Hello all,
I have been trying to develop a security plugin for DB2 V8.2 using the GSS APIs. I have a library of GSS APIs implemented by a third party which I am using in my plugin. This plugin is now using the users and groups which belong to the active directory which are accessed by the GSS APIs. My DB2 database is installed in RH enterprise linux 3.0 platform. However I am facing the following issues in the plugin:

1. The server principal name which is mentioned in the db2secServerAuthPluginInit function, is the name of the machine where the DB2 server is running or the name of the server where the KDC lies or the name of the administrative user? Is it safe if I donot specify any credentials for the server at the time of server plugin initialization? I may do that in the subsequent calls in case this is required.

2. Some random logs are created in the db2dump folder like: 34663007166976.000 c3449.000 c3466.000 db2eventlog.000.crash t3449.000 t3466.000. Some of these logs are in binary and I am unable to make out anything from these. Also the database instance just stops abruptly in between. Some times I get the error as

DB21034E The command was processed as an SQL statement because it was not a
valid Command Line Processor command. During SQL processing it returned:
SQL1224N A database agent could not be started to service a request, or was
terminated as a result of a database system shutdown or a force command.
SQLSTATE=55032

but in certain cases I donot get any error message.

3. I am also developing a corresponding group plugin and as per my understanding, the group plugin also takes into consideration the currently deployed authentication plugin type (GSS or userid/password). However, even when I have deployed the GSS plugin, the tokenType parameter which is passed to the GetGroupsForUser function is not DB2SEC_GSSAPI_CTX_HANDLE, as is actually expected to be.

Thanks a lot to all of you in advance to go through this list of queries so patiently.

Best regards,
Sayali
May 3 '06 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.