Chapter 4. Security 157
4.5.5 Deploying a userid/password plug-in
To deploy a user ID/password authentication plug-in, perform the following steps
on the database server and client.
Deploying on the database server
To deploy the server security plug-in:
1. Place the user ID/password authentication plug-in library in the server's
plug-in directory.
2. Update the database manager configuration parameter
SRVCONS_PW_PLUGIN with the name of the server plug-in.
This plug-in is used now by the server when it handles connection
(CONNECT) and attachment (ATTACH) requests.
3. Either:
Set the database manager configuration parameter SRVCON_AUTH to
the CLIENT, SERVER, SERVER_ENCRYPT, DATA_ENCRYPT, or
DATA_ENCRYPT_CMP authentication type.
Or:
Set the database manager configuration parameter SRVCON_AUTH to
NOT_SPECIFIED, and set AUTHENTICATION to CLIENT, SERVER,
SERVER_ENCRYPT, DATA_ENCRYPT, or DATA_ENCRYPT_CMP
authentication type.
Deploying the database client
To deploy the client security plug-in:
1. Place the user ID/password authentication plug-in library in the client plug-in
directory on the client.
2. Update the database manager configuration parameter CLNT_PW_PLUGIN
with the name of the client plug-in.
This plug-in is loaded and called regardless of where the authentication is
being done (that is, not only when client authentication is enabled).
Note: If SRVCON_PW_PLUGIN is left blank, it will default to the
IBM-provided plug-in IBMOSauthserver.
Note: If CLNT_PW_PLUGIN is left blank, it will default to the IBM-provided
plug-in IBMOSauthclient.

Get DB2 UDB V8.2 on the Windows Environment now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.