Replication Server coordinates data replication activities for local data servers and exchanges data with Replication Servers and data servers at other sites. Each of these pathways can be configured for network-based security.
When Replication Server is acting as a client, you can configure security for:
All pathways established when Replication Server logs in to another server. These are default global settings.
The connection to the RSSD.
Individual connections.
Individual routes.
Replication Server to ID Server pathway.
Pathways used to create a route, create a subscription, or drop a subscription.
When Replication Server is acting as a server, you can configure security for:
All incoming logins. These are default global settings.
User connection to Replication Server (set when logging on).
Pathway |
How to secure it |
Special parameters and exceptions |
|---|---|---|
All pathways initiated by the current Replication Server (acting as a client) |
Set global security parameters using configure replication server. This is the default setting for all outgoing logins unless overridden for individual pathways. |
Use use_security_services to turn off all network security with a single command. See “Disabling network-based security”. |
Connection to the RSSD |
Use a text editor to configure the rs_config file. |
Security parameters have an “RSSD_” prefix. For example: RSSD_unified_login. |
Individual connections |
Set security parameters for a connection to a remote database with:
See the Replication Server Reference Manual for more information about these commands. |
Use dsi_exec_request_sproc to suspend request stored procedures. See “Configuring security for database connections”. |
Individual routes defined using the create route command |
Set security parameters using:
See the Replication Server Reference Manual for more information about these commands. |
|
Replication Server to ID Server |
Set security parameters with configure replication server. See the Replication Server Reference Manual for more information about this command. |
Security parameters have an “id-” prefix. For example: id_msg_confidentiality. |
Replication Server to primary Replication Server and primary database to:
|
Replication Server duplicates the security settings used when the user creating the route or creating or dropping the subscription logs in to Replication Server. See “Borrowing security settings to secure other pathways” for more information. |
|
All incoming logins (Replication Server acting as server) |
Set parameters for incoming logins with configure replication server. Default parameters for outgoing and incoming parameters are set at the same time and are identical. |
|
Pathway established when user logs in to Replication Server. |
Set security parameters with the isql utilities. |
Security parameters set for this pathway must be compatible with those set at the Replication Server for all incoming logins. Security for this pathway cannot be configured using the rs_init utility. |
