JDBC Server Programmer's Reference

Controlling Database Access With jdbcSecurityMgr

If you have chosen to request user authentication, Java programs that use the NonStop JDBC Server must supply a user ID and

a password when they attempt to connect to a NonStop SQL database. The NonStop JDBC Server checks this user ID and

password against its JDBC Security File, which you can view and change using the Java application jdbcSecurityMgr.

Supplying the User ID and Password in the Client Application

The client application supplies a user ID and password when it attempts to connect to the database. This information can either

be sent as parameters to DriverManager.getConnection() or be added to the System Properties.

For example, the following code attempts to connect to a NonStop SQL/MP database running on the host ServerHost using

the user ID wumpus and the password CatNip101:

import java.sql.*;

...

Connection con = DriverManager.getConnection("t3jdbc:sqlrmi: \

> //ServerHost/jdbc:sqlmp:", "wumpus", "CatNip101");

The following code creates a Properties object, stores a user ID and password in that object, and then uses that object to set the

System Properties. If a user ID and password are set by means of System Properties, do not send them as parameters to

DriverManager.getConnection().

import java.sql.*;

...

Properties prop=System.getProperties();

prop.put("user","wumpus");

prop.put("password","CatNip101");

Connection con = DriverManager.getConnection("t3jdbc:sqlrmi: \

> //ServerHost/jdbc:sqlmp:", prop);

Note: If the JDBC Server was started with the System Property -DencPassword=true specified, you must

also specify this System Property when executing a client program. For example:

java -DencPassword=true TestClient ...

Understanding the JDBC Security File

The JDBC Server validates the user ID and password by comparing them to entries in the JDBC Security File that was

specified with the jdbcSecurityFile System Property. If you have chosen to require user authentication but have not

specified the jdbcSecurityFile System Property, the JDBC Server expects to find the security file in

usr/tandem/java/lib/jdbcSecurity.file.

Note: The format of the jdbcSecurityFile may change from version to version of the JDBC Server. If such

a change occurs, the demo directory contains a program called translateSecurityFile that can be used to

move the contents of the old security file to the new security file. See the file demo/README_SECURITYFILE

on the product CD for more information.

Modifying the JDBC Security File

To modify the JDBC Security File, specify the jdbcSecurityFile System Property when you start the JDBC server.

After you have started the server, you can use the Java application jdbcSecurityMgr to issue commands to add, change,

delete, or view information in the file.