Once the Kerberos security mechanism is enabled for connections to a remote Adaptive Server, one or more of the following security services provided by Kerberos can be used:
Message confidentiality
Data is encrypted over the network to protect against unauthorized disclosure.
Message integrity
Verifies that communications have not been modified during transport.
Mutual authentication
Verifies the identity of the client and the server. The local server initiating the remote connection can request mutual authentication for all remote connection requests to target an Adaptive Server. This allows the client to verify the identity of the remote server.
The optional security services provided by Kerberos
are not enabled by default.
The following command executed on local server S1 sets message confidentiality for all connections to remote server S2 using Kerberos authentication .
sp_serveroption s2, “use message confidentiality”, true
The following command executed on local server S1 sets message integrity for all connections to remote server S2 using Kerberos authentication.
sp_serveroption s2, “use message integrity”, true
The following command executed on local server S1 sets mutual authentication for all connections to remote server S2 using Kerberos authentication.
sp_serveroption s2, “mutual authentication”, true
