Protects connections to the IBMInformixJDBC, ODBC, and ESQL/C drivers

Source: Internet
Author: User
Tags informix informix odbc driver
Using a connection pool for the data source may cause role-based security damage. The support for trusted connections and trusted contexts on the IBMInformix server allows flexible reuse of connections, granting controlled permissions to the middle layer, and enhancing user responsibility in layer-3 applications without compromising database security, all of these improve the system performance.

Using a connection pool for the data source may cause role-based security damage. Support for trusted connections and trusted contexts on the IBM Informix server allows flexible reuse of connections, granting controlled permissions to the middle layer, and enhancing user accountability in layer-3 applications without compromising database security, all of these improve the system performance.

This article discusses trusted connections and trusted contexts, and shows how to use JDBC, ESQL/C, and ODBC drivers to manage trusted contexts.

In the traditional three-tier application model, you can interact with each other only after successful authorization, and check and audit are executed by the middle layer. Even if multiple users log on to the middle layer, the middle layer only uses a single user ID for access and grants permissions on all resources. This model cannot obtain the actual user identity to access the database for access control. In addition, if the user ID of the middle layer is stolen, it may cause serious security threats.

To implement a unique interaction group between the intermediate layer server and the database server, Informix introduces the concept of trusted database connection. A trusted context is a database security object created on the database server. It defines a trusted database connection attribute. A trusted connection is established when the connection attribute matches the unique trusted context attribute defined on the Informix server. After a trusted connection is established on the intermediate layer server, the same physical connection can be reused without the end user being re-authenticated on the database server.

From the perspective of application developers, the importance of trusted connections is inseparable from the fact that a single database connection can be shared with other users, maintain the ID of each application or user that tries to access the database. User permission control helps you grant or restrict access to sensitive resources to improve system security and user responsibility.

Use the Informix Client driver to manage trusted contexts

In this section, you will learn how to create, modify, and discard a trusted context. To create and manage trusted contexts, your application must connect to the Informix server through TCP/IP. The following Informix Client drivers expose APIs to support trusted connections.

  • IBM Informix JDBC driver
  • IBM Informix ODBC driver
  • IBM Informix ESQL/C driver

Establish a trusted connection

Use the JDBC driver

To request a trusted connection in a JDBC application, you can include the TRUSTED_CONTEXT = TRUE attribute in the Database URL, as shown in Listing 1.

List 1. Connect using the JDBC driver

  jdbc:informix-sqli://hostname:portnumber/database_name:INFORMIXSERVER = server_name;  TRUSTED_CONTEXT = TRUE;

Use ODBC driver

The following two methods are used to establish a trusted connection through ODBC. An example is shown in Listing 2.

Use SQLSetConnectAttr () API:
SQLSetConnectAttr (hdbc1, SQL _ATTR_USE_TRUSTED_CONTEXT, SQL _TRUE, SQL _IS_INTEGER ));

Use the connection string parameters:
TRUSTEDCONTEXT = 1; or TCTX = 1;

Listing 2. ODBC driver sample connection string

"Server = ol_informix_1170; Host = 9.124.123.54; Service = ol_informix_1170; Protocol = onsoctcp; Database = stores7; TRUSTEDCONTEXT = 1 ;"

Use ESQL/C driver

In ESQL/C, TRUSTED connections are created using the TRUSTED keyword and connection statement, as well as the user name and password, as shown in listing 3.

Listing 3. Connecting using ESQL/C drivers

  EXEC SQL CONNECT TO 'database_name' USER 'informix' USING :infx_passwd TRUSTED;

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.