1.1
Table Of Contents
- Contents
- About the SQLFire User's Guide
- Supported Configurations and System Requirements
- Getting Started with vFabric SQLFire
- Managing Your Data in vFabric SQLFire
- Designing vFabric SQLFire Databases
- Using Server Groups to Manage Data
- Partitioning Tables
- Replicating Tables
- Estimating Memory Requirements
- Using Disk Stores to Persist Data
- Exporting and Importing Data with vFabric SQLFire
- Using Table Functions to Import Data as a SQLFire Tables
- Developing Applications with SQLFire
- Starting SQLFire Servers with the FabricServer Interface
- Developing Java Clients and Peers
- Configuring SQLFire as a JDBC Datasource
- Storing and Loading JAR Files in SQLFire
- Developing ADO.NET Client Applications
- About the ADO.NET Driver
- ADO.NET Driver Classes
- Installing and Using the ADO.NET driver
- Connecting to SQLFire with the ADO.NET Driver
- Managing Connections
- Executing SQL Commands
- Working with Result Sets
- Storing a Table
- Storing Multiple Tables
- Specifying Command Parameters with SQLFParameter
- Updating Row Data
- Adding Rows to a Table
- Managing SQLFire Transactions
- Performing Batch Updates
- Generic Coding with the SQLFire ADO.NET Driver
- Using SQLFire.NET Designer
- Understanding the Data Consistency Model
- Using Distributed Transactions in Your Applications
- Using Data-Aware Stored Procedures
- Using the Procedure Provider API
- Using the Custom Result Processor API
- Programming User-Defined Types
- Using Result Sets and Cursors
- Caching Data with vFabric SQLFire
- Deploying vFabric SQLFire
- SQLFire Deployment Models
- Steps to Plan and Configure a Deployment
- Configuring Discovery Mechanisms
- Starting and Configuring SQLFire Servers
- Configuring Multi-site (WAN) Deployments
- Configuring Authentication and Authorization
- Configuring User Authentication
- User Names in Authentication and Authorization
- Configuring User Authorization
- Configuring Network Encryption and Authentication with SSL/TLS
- Managing and Monitoring vFabric SQLFire
- Configuring and Using SQLFire Log Files
- Querying SQLFire System Tables and Indexes
- Evaluating Query Plans and Query Statistics
- Overriding Optimizer Choices
- Evaluating System and Application Performance
- Using Java Management Extensions (JMX)
- Best Practices for Tuning Performance
- Detecting and Handling Network Segmentation ("Split Brain")
- vFabric SQLFire Reference
- Configuration Properties
- JDBC API
- Mapping java.sql.Types to SQL Types
- java.sql.BatchUpdateException Class
- java.sql.Connection Interface
- java.sql.DatabaseMetaData Interface
- java.sql.Driver Interface
- java.sql.DriverManager.getConnection Method
- java.sql.PreparedStatement Interface
- java.sql.ResultSet Interface
- java.sql.SavePoint Class
- java.sql.SQLException Class
- java.sql.Statement Class
- javax.sql.XADataSource
- sqlf Launcher Commands
- sqlf backup
- sqlf compact-all-disk-stores
- sqlf compact-disk-store
- sqlf encrypt-password
- sqlf install-jar
- sqlf list-missing-disk-stores
- sqlf locator
- sqlf Logging Support
- sqlf merge-logs
- sqlf remove-jar
- sqlf replace-jar
- sqlf revoke-missing-disk-store
- sqlf server
- sqlf show-disk-store-metadata
- sqlf shut-down-all
- sqlf stats
- sqlf upgrade-disk-store
- sqlf validate-disk-store
- sqlf version
- sqlf write-data-dtd-to-file
- sqlf write-data-to-db
- sqlf write-data-to-xml
- sqlf write-schema-to-db
- sqlf write-schema-to-sql
- sqlf write-schema-to-xml
- sqlf Interactive Commands
- absolute
- after last
- async
- autocommit
- before first
- close
- commit
- connect
- connect client
- connect peer
- describe
- disconnect
- driver
- elapsedtime
- execute
- exit
- first
- get scroll insensitive cursor
- GetCurrentRowNumber
- help
- last
- LocalizedDisplay
- MaximumDisplayWidth
- next
- prepare
- previous
- protocol
- relative
- remove
- rollback
- run
- set connection
- show
- wait for
- SQLFire API
- SQL Language Reference
- Keywords and Identifiers
- SQL Statements
- ALTER TABLE
- CALL
- CREATE Statements
- DECLARE GLOBAL TEMPORARY TABLE
- DELETE
- EXPLAIN
- DROP statements
- GRANT
- INSERT
- REVOKE
- SELECT
- SET ISOLATION
- SET SCHEMA
- TRUNCATE TABLE
- UPDATE
- SQL Queries
- SQL Clauses
- SQL Expressions
- JOIN Operations
- Built-in Functions
- Standard Built-in Functions
- Aggregates (set functions)
- ABS or ABSVAL function
- ACOS function
- ASIN function
- ATAN function
- ATAN2 function
- AVG function
- BIGINT function
- CASE expressions
- CAST function
- CEIL or CEILING function
- CHAR function
- COALESCE function
- Concatenation operator
- COS function
- COSH function
- COT function
- COUNT function
- COUNT(*) function
- CURRENT DATE function
- CURRENT_DATE function
- CURRENT ISOLATION function
- CURRENT_ROLE function
- CURRENT SCHEMA function
- CURRENT TIME function
- CURRENT_TIME function
- CURRENT TIMESTAMP function
- CURRENT_TIMESTAMP function
- CURRENT_USER function
- DATE function
- DAY function
- DEGREES function
- DOUBLE function
- EXP function
- FLOOR function
- HOUR function
- INTEGER function
- LCASE or LOWER function
- LENGTH function
- LN or LOG function
- LOG10 function
- LOCATE function
- LTRIM function
- MAX function
- MIN function
- MINUTE function
- MOD function
- MONTH function
- NULLIF expressions
- PI function
- RADIANS function
- RANDOM function
- RAND function
- RTRIM function
- SECOND function
- SESSION_USER function
- SIGN function
- SIN function
- SINH function
- SMALLINT function
- SQRT function
- SUBSTR function
- SUM function
- TAN function
- TANH function
- TIME function
- TIMESTAMP function
- TRIM function
- UCASE or UPPER function
- USER function
- VARCHAR function
- XMLEXISTS operator
- XMLPARSE operator
- XMLQUERY operator
- XMLSERIALIZE operator
- YEAR function
- SQLFire Built-in Functions
- Standard Built-in Functions
- Built-in System Procedures
- Standard Built-in Procedures
- SYSCS_UTIL.EMPTY_STATEMENT_CACHE
- SYSCS_UTIL.EXPORT_QUERY
- SYSCS_UTIL.EXPORT_TABLE
- SYSCS_UTIL.IMPORT_DATA
- SYSCS_UTIL.IMPORT_DATA_EX
- SYSCS_UTIL.IMPORT_DATA_LOBS_FROM_EXTFILE system procedure
- SYSCS_UTIL.IMPORT_TABLE
- SYSCS_UTIL.IMPORT_TABLE_EX
- SYSCS_UTIL.IMPORT_TABLE_LOBS_FROM_EXTFILE
- SYSCS_UTIL.SET_EXPLAIN_CONNECTION
- SYSCS_UTIL.SET_STATISTICS_TIMING
- JAR Installation Procedures
- Callback Configuration Procedures
- Heap Eviction Configuration Procedures
- WAN Configuration Procedures
- Standard Built-in Procedures
- Data Types
- SQL Standards Conformance
- System Tables
- ASYNCEVENTLISTENERS
- GATEWAYRECEIVERS
- GATEWAYSENDERS
- INDEXES
- JARS
- MEMBERS
- MEMORYANALYTICS
- STATEMENTPLANS
- SYSALIASES
- SYSCHECKS
- SYSCOLPERMS
- SYSCOLUMNS
- SYSCONGLOMERATES
- SYSCONSTRAINTS
- SYSDEPENDS
- SYSDISKSTORES
- SYSFILES
- SYSFOREIGNKEYS
- SYSKEYS
- SYSROLES
- SYSROUTINEPERMS
- SYSSCHEMAS
- SYSSTATEMENTS
- SYSSTATISTICS
- SYSTABLEPERMS
- SYSTABLES
- SYSTRIGGERS
- SYSVIEWS
- Exception Messages and SQL States
- ADO.NET Driver Reference
- SQLFire Data Types in ADO.NET
- VMware.Data.SQLFire.BatchUpdateException
- VMWare.Data.SQLFire.SQLFClientConnection
- VMware.Data.SQLFire.SQLFCommand
- VMware.Data.SQLFire.SQLFCommandBuilder
- VMware.Data.SQLFire.SQLFType
- VMware.Data.SQLFire.SQLFDataAdapter
- VMware.Data.SQLFire.SQLFDataReader
- VMware.Data.SQLFire.SQLFException
- VMware.Data.SQLFire.SQLFParameter
- VMware.Data.SQLFire.SQLFParameterCollection
- VMware.Data.SQLFire.SQLFTransaction
- vFabric SQLFire Limitations
- Troubleshooting Common Problems
- vFabric SQLFire Glossary
- Index
If you include the token %USERNAME% in the sqlfire.auth-ldap-search-filter definition, then
SQLFire replaces the token with the user name that is being authenticated. If do not provide a search-filter,
then SQLFire uses the default search filter:
(&(objectClass=inetOrgPerson)(uid=%USERNAME%))
If you provide a search filter that does not have the %USERNAME% token, then SQLFire prepends the token to
the default search filter. For example:
(&(<provided_filter>)(objectClass=inetOrgPerson)(uid=%USERNAME%))
Example LDAP Search Configuration
For example, consider the following LDAP search invoked using the OpenLDAP ldapsearch
tool:
ldapsearch -b ou=users,dc=domain,dc=com /* base DN */
-x /* non-SASL plain-text authentication */
-D uid=test,ou=ldapTesting,dc=domain,dc=com /* bind DN
*/
-w test /* bind password */
"(&(objectClass=user)(uid=user1))" /* filter */
To configure this search with SQLFire you would use the properties:
sqlfire.auth-ldap-search-base=ou=users,dc=domain,dc=com
sqlfire.auth-ldap-search-filter=(&(objectClass=user)(uid=%USERNAME%))
sqlfire.auth-ldap-search-dn=uid=test,ou=ldapTesting,dc=domain,dc=com
sqlfire.auth-ldap-search-pw=test
LDAP Restrictions and Performance Guidelines
SQLFire does not support LDAP groups.
For performance reasons, the LDAP directory server should be in the same LAN as SQLFire. SQLFire does not
cache the user's credential information locally and thus must connect to the directory server every time a user
connects.
Connection requests that provide the full DN are faster than those that must search for the full DN.
JNDI-Specific Properties for External Directory Services
SQLFire allows you to set a few advanced JNDI properties, which you can set by any supported means of setting
SQLFire properties. Typically you would set these at the same level (database or system) for which you configured
the external authentication service.
The list of supported properties can be found in Appendix A: JNDI Standard Environment Properties in the Java
Naming and Directory API at http://download.oracle.com/javase/1.5.0/docs/guide/jndi/spec/jndi/properties.html.
The external directory service must support the property.
Each JNDI provider has its set of properties that you can set within the SQLFire system.
For example, you can set the property java.naming.security.authentication to allow user credentials to be encrypted
on the network if the provider supports it. You can also specify that SSL be used with LDAP (LDAPS).
JMX and Authentication
If you use the SQLFire JMX Agent to administer and manage an authentication-enabled distributed system, the
agent must provide security credentials. Security properties cannot be passed to a JMX Agent on the command
line, but they can be supplied at startup by adding the security-specific Java system properties (-D properties).
With the properties specified, the call to Agent.connectToSystem causes the agent to be authenticated with the
distributed system. SQLFire security does not manage RMI clients to the JMX Agent. Once connected, the JMX
vFabric SQLFire User's Guide244
Deploying vFabric SQLFire