Open Server applications can read the properties of a client connection request to determine which security mechanism to use and which services to perform.
By default, an Open Server application supports the security mechanisms listed in libtcl.cfg. Administrators can further restrict the list of supported mechanisms by adding a secmech attribute to the server’s directory entry or a secmech line to the Open Server application’s sql.ini file entry.
When an Open Client application requests a security session from an Open Server application:
Server-Library reads the security token that was sent with the client connection request. The security token contains the object identifier for the security mechanism that the client uses.
If the Open Server application’s sql.ini entry or directory service entry lists the secmech line/attribute, Server-Library searches the secmech line/attribute for a value corresponding to the object identifier specified in the security token. If a matching value is not found, the connection request is rejected.
Server-Library searches objectid.dat to match the object identifier with the local name of the security mechanism.
See “The objectid.dat file” for reference information about objectid.dat.
Server-Library loads the security driver associated with the local name of the security mechanism. The security driver is listed in libtcl.cfg.