[Info-ingres] Database security - best practices

#1

Hi all,

I would like to hear some comments from other ingres administrators
about best practices on user authentication and access control when
connecting to ingres databases from:
-Intranet applications (openroad images as clients)
-Internet applications (PHP, Java, etc.)

- Installation Password - I saw a presentation from CA world 2003 -
DN223SN - saing "never use installation passwords..."
- II_PROMPT1 - II_PROMPTALL - it seems there are some problems when
using WTS
- fixed users on vnode (netutil)
- Using roles
- LDAP, etc

Any sugestions here are wellcome.
Thanks in advance to someone who has some useful comments or links on
this issue.

Leandro Fava
DBA-SINF-UNISC http://www.unisc.br
Presidente IUG-BR http://www.iug-br.org
Fone: +55 51 3717 7636

#2

Leandro Pinto Fava wrote:

Quote:

Hi all,

I would like to hear some comments from other ingres administrators
about best practices on user authentication and access control when
connecting to ingres databases from:
-Intranet applications (openroad images as clients)
-Internet applications (PHP, Java, etc.)

We're in the 'etc' category: IIS/ASP.

Quote:

- Installation Password - I saw a presentation from CA world 2003 -
DN223SN - saing "never use installation passwords..."
- II_PROMPT1 - II_PROMPTALL - it seems there are some problems when
using WTS
- fixed users on vnode (netutil)
That's what we do. I wouldn't go calling that 'best practices' by any

means, but it's the best we can do with Ingres. This workaround (I'd
hardly call it a solution) was adviced by CA for our situation.

Emile

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

[Info-ingres] Database security - best practices

comp.databases.ingres comp.databases.ingres

[Info-ingres] Database security - best practices - 08-23-2005 , 09:44 AM

Re: [Info-ingres] Database security - best practices - 08-28-2005 , 03:00 PM