Install the CyberSafe software on your system: CyberSafe Challenger version 5.3.1 or later for Open Client and Open Server 12.0; CyberSafe TrustBroker for Open Client and Open Server 12.5 or later.
Install CyberSafe Application Development Kit version 1.1.
Set the credentials (desired security features) using ct_con_props, or use the default credentials by not setting credential properties.
Configure the security section of the libtcl.cfg configuration file.
Verify that the application has a preexisting user credential to connect to the server. In other words, the user of the application must log in to CyberSafe before running the client application.
Log in to the CyberSafe security mechanism with the CyberSafe utility kinit before running your Client-Library application.
If a user name is supplied, it must match the user’s preexisting credential. If a user name is not supplied, Client-Library connects to the server using the user name associated with the user’s CyberSafe credential.
The environment variable CSFC5CCNAME, sets the path to the credentials cache file. If the corresponding file is located in a non-default directory, set the environment variable to the file’s full path.
For more information, refer to your CyberSafe documentation.
The gssapi.dll and csfc516.dll files must be in the path while running your Client-Library application. These two DLLs are not provided by Sybase, but they are included with some CyberSafe products. If these two DLLs are not included with your CyberSafe product, contact CyberSafe to obtain their GSS-API library.
No extra flags are required when compiling your Client-Library applications to use CyberSafe Kerberos security services.
Once you have configured Open Client and Open Server and CyberSafe Kerberos, use the following command (without -U and -P arguments) to test your configuration:
isql -V
See README.SEC in the SYBASE_OCS/sample/srvlibrary directory for an example of configuring and running the example program.
