 | |
User authentication failed to ingres DB through JDBC
comp.databases.ingres comp.databases.ingres
 |
| | Thread Tools | Display Modes |
#21
 
| |||
| |||
|
Re: [Info-Ingres] User authentication failed to ingres DB throughJDBC -
11-20-2009
, 11:09 AM
|
On 19/11/09 18:50, Mike Leo wrote: So ... what about the password? If I run the procedure you mention do I need a password to connect to the user 'ingres' ? It is still very unclear. As you are aware there are/can be two passwords for accessing Ingres (ignoring roles), an OS validated password and a DBMS password setup using accessdb or the CREATE/ALTER USER statement. In a standard Ingres installation the GCF (General Comms Facility) authentication mechanism will take the user/password pair supplied via JDBC/.NET/ODBC/Python/PHP/Ruby/Ingres NET and validate it against the operating system or an external source such LDAP/PAM. When the "null" mechanism is used/enabled this OS/system password check does not happen. All we do is verify that the user you are connecting as is a known Ingres user. You would get the same effect I believe on UNIX/Linux if you set II_SHADOW_PWD=/bin/true. With this setup you can connect to Ingres as a known Ingres user, say 'ingres', and then proceed to take over the world. Adding a DBMS password when creating a user using: CREATE USER mikey WITH PASSWORD = 'secret' will require that the dbms password for mikey is presented at connect time. Existing accounts can have password added using the statement: ALTER USER mikey WITH PASSWORD = 'secret' This in effect gives you the ability to authenticate against Ingres directly without the need to have the user setup in the local operating system or in a directory service such as AD or LDAP. hope this is a bit clearer regards grant |
Thank you greatly,
Mikey
|
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Powered by vBulletin Version 3.5.3
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.