Configuring security for database connections

To configure security for individual connections, use create connection or alter connection. Security parameters configured with these commands affect security for the outgoing connection to the data server. They override parameters set with configure replication server.


Creating a secure connection

You can set security parameters when you create a connection with create connection. Normally, you use this command to add connections to non-Sybase databases.

Here is the syntax for including security features with the create connection command. See create connection in the Replication Server Reference Manual for detailed information about using create connection.

create connection to data_server.database...
  set username [to] user
  [set password [to] passwd]
  [set security_mechanism [to] 'mechanism_name' |
  set dsi_exec_request_sproc [to] { 'on' | 'off' } |
  set security_parameter [to] { 'required' |
    'not_required' } ]

Table 8-8 describes the security parameters you can set with create connection. In addition, you can set the dsi_exec_request_sproc parameter described in Table 8-10.

Connection parameters are stored in the rs_config table in the RSSD, and you must have sa permission to execute the commands that set them.

Table 8-10: Special security parameters for connections

security_parameter: dsi_exec_request_sproc
Description: Indicates whether request stored procedures at the primary Replication Server are “off” or “on.” Use in multiple security-system environments. Refer to “Using more than one security mechanism” for more information.
Default: off

Security parameters set at both ends of a connection must be compatible. See “Planning for compatible settings” for details.


Modifying security for a connection

To change the security settings for a database connection, use alter connection.

Here is the syntax for altering security:

alter connection to data_server.database { 
...
set password to passwd |
set security_mechanism to 'mechanism_name' |
set dsi_exec_request_sproc to { 'on' | 'off' } |
set security_parameter to { 'required' |
	'not_required' }}

Refer to Table 8-8 and Table 8-10 for a list and description of parameters you can alter.

To change the security parameters of a database connection, perform these steps at the Replication Server:


Examples

This section provides some examples of using alter connection.

To require Replication Server to connect to the target database (TOKYO_DS.pubs2) with a credential, execute:

alter connection to TOKYO_DS.pubs2
   set unified_login to 'required'

Note: unified_login must be “required” for other security services to take effect.

To turn “off” request stored procedures at the TOKYO data server in a multiple security-system environment, execute:

alter connection to TOKYO_DS.pubs2
  set dsi_exec_request_sproc to 'off'
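
The note above says unified_login must be “required” before other security services take effect, and the introduction says connection settings override those set with configure replication server. The following check is an added example, not part of the Replication Server documentation: it scans a script of create connection and alter connection statements and reports connections that require a service without an effective unified_login of 'required'. The function name, the OSAKA_DS server, and the use of msg_confidentiality as a Table 8-8 parameter are assumptions.

```python
import re

# "create|alter connection to <data_server>.<database>"
CONN_RE = re.compile(r"\b(?:create|alter)\s+connection\s+to\s+(\w+)\.(\w+)", re.I)
# "set <param> [to] '<value>'"; unquoted values such as user names are skipped
SET_RE = re.compile(r"\bset\s+(\w+)\s+(?:to\s+)?'([^']*)'", re.I)
# Quoted-value parameters that are not themselves required/not_required services
NOT_SERVICES = {"unified_login", "security_mechanism", "dsi_exec_request_sproc", "password"}


def lint_connections(script, server_unified_login="not_required"):
    """Return connections that require a security service while their
    effective unified_login is not 'required'. server_unified_login is the
    configure replication server value a connection inherits unless overridden."""
    settings = {}  # 'data_server.database' -> {param: value}; last assignment wins
    starts = [m.start() for m in CONN_RE.finditer(script)] + [len(script)]
    for begin, end in zip(starts, starts[1:]):
        stmt = script[begin:end]  # one create/alter connection statement
        m = CONN_RE.match(stmt)
        params = settings.setdefault(f"{m.group(1)}.{m.group(2)}", {})
        for param, value in SET_RE.findall(stmt):
            params[param.lower()] = value.lower()
    findings = []
    for name, params in settings.items():
        login = params.get("unified_login", server_unified_login)
        services = [p for p, v in params.items()
                    if v == "required" and p not in NOT_SERVICES]
        if services and login != "required":
            findings.append(name)
    return sorted(findings)


# Constructed sample script. OSAKA_DS is a hypothetical server; msg_confidentiality
# is assumed to be one of the Table 8-8 parameters, which this page does not list.
SAMPLE = """
alter connection to TOKYO_DS.pubs2
   set unified_login to 'required'
go
alter connection to TOKYO_DS.pubs2
   set msg_confidentiality to 'required'
go
alter connection to OSAKA_DS.pubs2
   set msg_confidentiality to 'required'
go
"""

if __name__ == "__main__":
    print(lint_connections(SAMPLE))
```

Pass the server-wide value as server_unified_login when it has been set with configure replication server, so that connections inheriting 'required' are not reported.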