User guide
Example
<server
name="srv2restrict"
type="RdbThinSrv"
url="//localhost:1701/"
restrictAccess="true">
<allowUser name="jdbc_user"/>
<allowUser name="smith"/>
<allowUser name="jones"/>
</server>
The name value of an
allowUser
subsection must be a valid Rdb username.
If a client intends to use a server with restricted user access, then the username used for the
connection must match one of the names within the allowed user subsections. The username
match is not case-sensitive.
If the server
restrictAccess
property is true and there is at least one
allowUser
subsection
specified then the server will restrict access to only those users specified.
If the server
restrictAccess
property is false or not specified or if no
allowUser
subsection is specified for the server then no user restrictions will be applied to the server.
8.16.3 Further server access protection
In addition to restricting the databases accessed and the users allowed to use the server, a
server may also be protected using a server password.
This may be done by setting the
srv.password
property for the server in the configuration
file. This password may be either a plain text password or an obfuscated password value.
Oracle recommends the use of obfuscated passwords in the configuration files. You may use
the DIGEST function within the Controller application to generate an obfuscated password.
See Password Obfuscation in Server Configuration Files
for more details.
To make a successful connection to a database using a password-protected server the client
connection properties must also provide the plain text value of the password on the client
connection request.
Example
<server
name="srv2restrict"
type="RdbThinSrv"
url="//localhost:1701/"
srv.password="0x811B15F866179583EB3C96751585B843"
/>
128