Informix

nested-group-icon.png

DB2

Expand all | Collapse all

Authenfication

  • 1.  Authenfication

    Posted 15 days ago
    Hi to All

    on onconfig :

    i want to use two different authentification methods  for the same server : OS USER and INTERNAL USER, is is possible ?

    DBSERVERNAME db_serv        (OS USER)
    DBSERVERALIASES db_net     (INTERNAL USER)

    on sqlhosts

    db_serv onsoctcp  host_ip host_port_1
    db_net   onsoctcp  host_ip host_port_2


    thanks :)

    ------------------------------
    John Smith
    ------------------------------


  • 2.  RE: Authenfication

    Posted 15 days ago

    You can have PAM on one port and no PAM on the other

     

    Outside of that I'm not aware of any other options but I've never really looked. 

     

    But I suspect you do something within sysdbopen to block internal users from db_serv – again never tried

     

    Cheers

    Paul

     






  • 3.  RE: Authenfication

    Posted 15 days ago
    Thank you Paul


    ------------------------------
    John Smith
    ------------------------------



  • 4.  RE: Authenfication

    Posted 15 days ago
    As it stands, any default port would do both, internal and OS user authentication.
    Should OS auth be done through PAM, so on an Informix port configured to use PAM, no internal users could connect on that port.

    (One could argue why not allowing internal auth on a PAM port, esp. if that's configured to do simple OS auth only, but that's not implemented as of now.)

    So, to your question: you'd not even need those two separate ports - but could of course do it this way.
    What would not be possible, I think, is restricting such port to either only OS auth or only internal auth.

    ------------------------------
    Andreas Legner
    ------------------------------



  • 5.  RE: Authenfication

    Posted 15 days ago
    Edited by John Smith 15 days ago
    still thinking about auth. methods, i think i was going the wrong way :(

    In fact i'm looking for a method where i can hide the user password, on a client server, similar to oracle wallet

    i know i can go on LDAP authentifaction (with MS Active directory for example) so no password need , just interacting with LDAP Server

    but i m also looking another  "informix way :)"

    ------------------------------
    John Smith
    ------------------------------