jdbc connection without giving username and password

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

%NAME% - 30 Mar 2007 01:00 GMT

When using embedded SQL for db2 under solaris, you do not need to give
username and password since the system will use your unix-login as
default credential. However, with JDBC seems I always need to provide
username and password, the Java API
DriverManger.getConnection(String url) does not work. I am not sure
if this is because the JDBC driver, or because it does not work for
DB2 under solaris. Any comments? Thanks a lot!

Reply to this Message

Bernd Hohmann - 30 Mar 2007 01:38 GMT

> When using embedded SQL for db2 under solaris, you do not need to give
> username and password since the system will use your unix-login as
[quoted text clipped - 3 lines]
> if this is because the JDBC driver, or because it does not work for
> DB2 under solaris. Any comments? Thanks a lot!

As far as I remember it depends on the driver.

com.ibm.db2.jdbc.app can use the credentials of the OS (if the DB2
client is installed), com.ibm.db2.jdbc.net needs user/password.

It may have changed in DB2 v9 and the unified driver.

Bernd

Signature

Well, there's egg and bacon; egg sausage and bacon; egg and
trap20070330@spamonly.de; egg bacon and spam; egg bacon sausage
and trap20070330@spamonly.net; spam bacon sausage and spam; spam
egg spam spam bacon and trap20070330@nixwill.de ; spam sausage

Reply to this Message

Phil Sherman - 30 Mar 2007 02:05 GMT

Not quite true for embedded SQL. Bind parameters control which userid
will be used when executing the package; the binder or the user. You are
correct that it will pickup your userid and password from your session.

JDBC is dynamic and requires a userid and password to determine the
user's privileges. I recall JDBC using my session values for type 2
connections but have always needed to supply them when using type 4
(JDBC Universal driver) connections.

The Universal JDBC DriverManager interface has a "securityMechanism"
facility if you make your connection using the getConnection variant
that includes a java.util.properties parameter. Unfortunately, you can't
eliminate the need to supply at least a userid unless you are using full
KERBEROS security. See the "Programming Client Applications" manual
section "Security under the Universal JDBC Driver". My copy has this
information om page 444.

Phil Sherman

Reply to this Message

Ian - 30 Mar 2007 03:26 GMT

The security mechanism has nothing to do with embedded SQL vs JDBC.
It is a function of whether you are connecting to a local or remote
database (and the AUTHENTICATION parameter on the database server).
For this discussion, let's assume that AUTHENTICATION = SERVER, which
is the default).

Your embedded application doesn't require a password because the
database alias is a local database (the connection is made via
shared memory).

If you were to catalog the database as a "remote" database, as in:

catalog tcpip node x remote 127.0.0.1 server 50000;
catalog database sample as rsample at node x;

And you application tries to connect to 'rsample' with no user and
password, it will fail. This is because DB2 now sees you connecting
via TCPIP.

Likewise, with JDBC: Type 2 JDBC drivers depend on the database
directory. Therefore, if the entry in the database directory is
for a local database, you can connect with no userid/password.

Type 4 JDBC drivers always use a remote connection, and therefore
you must specify a username and password.

The old "app" driver (com.ibm.db2.jdbc.app.DB2Driver) supports Type 2
connectivity only. It is deprecated in V9.

The "Universal" driver (com.ibm.db2.jcc.DB2Driver) supports *both*
Type-2 and Type-4 connectivity. Which you use depends on the URL
that you send to the getConnection() routine:

jdbc:db2:sample --> Type 2
jdbc:db2://127.0.0.1:50000/sample --> Type 4

If you use type-2 connectivity AND the entry in the database directory
is local, then you do not need to specify a user and password.

Reply to this Message