DB2 Connect

Change to authentication type negotiation through a gateway

Starting with DB2 Connect^(TM) Version 8.2.2 (equivalent to Version 8.1 FixPak 9) the gateway is no longer a passive participant during authentication negotiation. Instead, the gateway takes an active role. The authentication type specified in the database directory entry at the gateway overrides the authentication type cataloged at the client. The client, gateway, and server must all specify compatible types. If the cataloged authentication type at the gateway has not been specified in the database directory entry, SERVER authentication will be the default type requested of the server. However, negotiation will still take place between the client and server if the server does not support SERVER authentication. This behavior is in contrast to the client which defaults to SERVER_ENCRYPT if an authentication type has not been specified.

The authentication type cataloged at the gateway is not used if DB2NODE or the SQL_CONNECT_NODE option of the Set Client API has been set at the client. In these cases negotiation is still strictly between the client and the server.

A server with SERVER_ENCRYPT specified as the authentication type in the database manager configuration no longer accepts connections or attachments from clients that request SERVER authentication.

New security scenario

A new security scenario has been added for APPC connections:

Authentication: GSSPLUGIN
Security: none
Validation: GSS API security plugin mechanism

Corrections to diagrams

The following DB2 Connect^(TM) Enterprise Edition topics have diagrams that are incorrect:

Accessing host or iSeries^(TM) DB2^(R) data using DB2 Connect Enterprise Edition
Accessing DB2 data from the Web using Java^(TM)

The following table outlines corrections for diagrams in the "Accessing host or iSeries DB2 data using DB2 Connect Enterprise Edition" topic.

Table 34. Corrections for diagrams in the "Accessing host or iSeries DB2 data using DB2 Connect Enterprise Edition" topic
Location within the topic	Correction
Legend for all four diagrams	References to "DB2 for OS/390^(R) V5R1" should be "DB2 for OS/390 V6 or later". References to "DB2 for AS/400^(R) V4R2" should be "DB2 for iSeries V5R1 or later".
First diagram (Figure 1: DB2 Connect Enterprise Edition)	All references to "APPC" and "SNA Communications Support" are incorrect. SNA/APPC is not supported as an inbound protocol for the DB2 Runtime Client by DB2 Linux^(TM), Unix, and Windows^(R) servers, including DB2 Connect Enterprise Edition.

The following table outlines corrections for diagrams in the "Accessing DB2 data from the Web using Java" topic.

Table 35. Corrections for diagrams in the "Accessing DB2 data from the Web using Java" topic
Location within the topic	Correction
Legend	References to "DB2 for OS/390 V5R1" should be "DB2 for OS/390 V6 or later". References to "DB2 for AS/400 V4R2" should be "DB2 for iSeries V5R1 or later".

[ Top of Page |Previous Page | Next Page | Contents ]