ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzatz_5.4.0.1/51/program/datasec.htm

37 lines
2.8 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Security of lookups</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h5><a name="datasec"></a>Security of lookups</h5>
<!-- <p>External Java clients with Java Naming and Directory Interface (JNDI) access can look up a Java 2 Connector (J2C) resource such as a data source. However, they are not permitted to take advantage of the component managed authentication alias defined on the resource. This alias is a default value used when the user and password are not supplied on the getConnection call. Therefore, if an external client needs to get a connection, it must assume responsibility for the authentication data. It can either pass user and password on the getConnection call, or it can use the no-argument getConnection() call and define the alias with the corresponding user and password in a file on each system where the client is expected to run.</p> -->
<p>Any client that runs in WebSphere Application Server - Express, such as a servlet or JSP, can look up a Java 2 Connector (J2C) resource (such as a data source) in the Java Naming and Directory Interface (JNDI) namespace and obtain connections without providing authentication data. These clients use a component managed authentication alias defined on the resource, which is the default value used when the user and password are not supplied on the getConnection call. However, you can pass the user and password on the getConnection call, as well as disable security of lookups using WebSphere Application Server - Express.</p>
<p>See the following topics for detailed information on how to manage lookup security:</p>
<blockquote>
<p><strong><a href="datasecpas.htm">Pass user and password on the getConnection call</a></strong><br>
This topic explains the necessary prerequisites before the user and and password can be passed on the getConnection call.</p>
<!--Not supported in Express
<p><strong><a href="datasecnoarg.htm">Use the no-argument getConnection call</a></strong><br>
This topic provides instructions on how to bypass the getConnection call using a remote client text file, if the client runs outside the WebSphere Application Server - Express process and does not pass the user and password on the getConnection call.</p>
-->
<p><strong><a href="datasecdisable.htm">Disable lookup security</a></strong><br>
Although it is not recommended, it is possible to turn off the secure mode for a particular data source or connection factory.</p>
</blockquote>
</body>
</html>