Progress/400
Product Guide


Database Security

In standard Progress, the Data Dictionary handles both database and application security. When you use Progress against a DB2/400 database, the DB2/400 security facilities handle database security, but your applications must handle application security. Before reading this section, you should understand OS/400 user profiles and OS/400 object authority. For more information about OS/400 security, see the AS/400 Security Concepts and Planning Guide .

Implementing Progress/400 Security

The AS/400 handles user security through a user profile that identifies each user to the system. The Progress/400 DataServer implements user and object security by using OS/400 user profiles to start an individual database server process (or job) on the AS/400.

When a Progress user makes a connection to a DB2/400 database, the Progress client passes the necessary user-profile information to OS/400.

For remote clients, you must provide the User ID (-U) and Password (-P) parameters at connection time:

After the client passes user-profile information and attempts to connect, the following occurs:

  1. The AS/400 verifies that the Progress user’s OS/400 user profile is valid.
  2. If the user profile is not valid, the client cannot connect and receives an error message stating that the server rejected the login attempt.

  3. If the user profile is valid and has appropriate program-object authorities to the evoke program for the Progress/400 DataServer programs as specified in the program start request, the AS/400 verifies the user’s object authority for the database object being accessed:
    • If the database-object authority is valid for the operation that the client wants to perform, the database server performs the operation.
    • If the authority is invalid, the client is denied permission to perform the attempted operation and Progress generates an error message.

In addition to the OS/400 security, you might also want to consider the following techniques to ensure security:

For more information, see the "Application Security" section in Common Product Information."


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095