Manualshelf

User guide

ManualsBrandsEXP Computer ManualsSwitchThinConnect4
121122123124125126127128129130
Obfuscated passwords are only valid when used in conjunction with a server definition in a
configuration file or as a server start up command line configuration option. To connect to
the server as a control user to carry out operations on it using the controller, the control
password you use in the connect request must still be in plain text. You cannot use the
obfuscated value as a password on connection.
Contents
8.16 Restricting Server and Database Access
In addition to the standard Rdb authorization checking that is carried out during the
connection to a database using a thin server, the databases accessed and the usernames
allowed may be restricted at the server level.
The following sub-sections detail how access to a thin server and its served databases may be
intentionally restricted.
8.16.1 Restricting Database Access
You may restrict connections made via a server to only those databases specified as allowed
databases.
This may be done by setting the
restrictAccess
property for the server in the configuration
file and then providing a list of databases that may be accessed using
allowDatabase
subsections.
Example
<server
name="srv2restrict"
type="RdbThinSrv"
url="//localhost:1701/"
restrictAccess="true">
<allowDatabase name="mf_pers"/>
<allowDatabase name="disk1:[databases]customers"/>
</server>
The name value of an
allowDatabase
subsection may be either the name of a database
already declared within the same configuration file, or the database file specification portion
of a connection URL
If a client is using a server with restricted access, then the file specification portion of the
JDBC Connection URL used must match one of the names within the allowed database
subsections. No file expansions or logical name translations are done on the Connection URL
before the server checks these names against the allowed databases, so it is important that,
apart from the variations in case, the names be exactly as specified in the allowed database
subsections.
If the server
restrictAccess
property is true and there is at least one
allowDatabase
subsection specified then the server will allow access to only those databases specified.
126