Enabling trusted context for DB2 databases

Enable trusted context in your applications to improve how the application server interacts with DB2® database servers. Use trusted connections to preserve the identity records of clients that are connecting to a DB2 database through your applications; trusted connections can provide a more secure environment by granting access based on the identity of those users.

Before you begin

Ensure that the following prerequisites are met before enabling trusted connections:

About this task

With trusted connections you can:
  • Access the DB2 database with the caller identity, obviating the need to create a new connection for every user.
  • Preserve the identity of the end-user when the application server is interacting with the database.
  • Strengthen database security by avoiding granting all of the privileges to a single user.
  • Improve performance, as compared to the existing model of using the resetConnection() method to take advantage of identity propagation.
Note: Non-trusted connections cannot be used as trusted connections. If the connection pool contains only non-trusted connections and a request comes in for a trusted connection, a new request will be sent to the database for the trusted connection.

Procedure

Enable trusted context for your applications.

What to do next

Be aware of the following error conditions that can occur if trusted context is not configured properly:
Task topic    

Terms and conditions for information centers | Feedback

Last updated: April 20, 2014 08:46 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-nd-mp&topic=tdat_trustedcontext
File name: tdat_trustedcontext.html