Progress/400
Product Guide
Database Security
In standard Progress, the Data Dictionary handles both database and application security. When you use Progress against a DB2/400 database, the DB2/400 security facilities handle database security, but your applications must handle application security. Before reading this section, you should understand OS/400 user profiles and OS/400 object authority. For more information about OS/400 security, see the AS/400 Security Concepts and Planning Guide .
Implementing Progress/400 Security
The AS/400 handles user security through a user profile that identifies each user to the system. The Progress/400 DataServer implements user and object security by using OS/400 user profiles to start an individual database server process (or job) on the AS/400.
When a Progress user makes a connection to a DB2/400 database, the Progress client passes the necessary user-profile information to OS/400.
For remote clients, you must provide the User ID (-U) and Password (-P) parameters at connection time:
After the client passes user-profile information and attempts to connect, the following occurs:
- The AS/400 verifies that the Progress user’s OS/400 user profile is valid.
If the user profile is not valid, the client cannot connect and receives an error message stating that the server rejected the login attempt.
- If the user profile is valid and has appropriate program-object authorities to the evoke program for the Progress/400 DataServer programs as specified in the program start request, the AS/400 verifies the user’s object authority for the database object being accessed:
In addition to the OS/400 security, you might also want to consider the following techniques to ensure security:
For more information, see the "Application Security" section in Common Product Information."
Copyright © 2004 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |