Results 1 to 10 of 10
  1. #1
    Join Date
    May 2008
    Posts
    4

    Unanswered: Application user access

    Hi all,


    I am searching for help in the implementing a user for an application.

    the situation is:

    We have a Unix "AIX" server that contain:
    * DB "DB2"
    * Application

    The application access the DB using specific username and password. for example "app1"

    Our Problem is:
    If we use this user "app1" on other machine using "ssh", we can access the DB.

    So is their any way to let that user "app1" used only by the "application" so no one can access the DB from out side the server.


    http://file5.9q9q.net/local/thumbnai...36/600x600.jpg
    Last edited by Laibro; 05-14-08 at 09:17.

  2. #2
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    Using ssh means the connection comes from the server itself, not from "outside the server".
    ---
    "It does not work" is not a valid problem statement.

  3. #3
    Join Date
    May 2008
    Posts
    4
    Quote Originally Posted by n_i
    Using ssh means the connection comes from the server itself, not from "outside the server".

    thanks "n_i" to your replay


    We are accessing the server by using putty in the remote machine with using the "22" port (SSH)


    Our aim is to make sure that No one use the application "username and password" to access the DB.


    To make it clear, the below is Pic describing the situation:

    http://file5.9q9q.net/local/thumbnai...36/600x600.jpg
    Last edited by Laibro; 05-14-08 at 09:23.

  4. #4
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    It's really easy - don't give the application password to anyone.
    ---
    "It does not work" is not a valid problem statement.

  5. #5
    Join Date
    May 2008
    Posts
    4
    is thier any way to disable the remote access for specific user

  6. #6
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322
    how do they get access in the first place?

    Did iyou give them the login and pwd?
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

  7. #7
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    Quote Originally Posted by Laibro
    is thier any way to disable the remote access for specific user
    1. Like I said, there's no "remote access" the way you describe your actions.
    2. DB2 does not (can not) distinguish between "remote" and "local" access - all it knows is the user (authorization) ID.
    ---
    "It does not work" is not a valid problem statement.

  8. #8
    Join Date
    Nov 2005
    Location
    IL
    Posts
    557
    revoke connect from that user. bada bing bada bum. done.
    --
    IBM Certified DBA on DB2 for Linux, UNIX, and Windows

    DB2 v9.7.0.6 os 6.1.0.0

  9. #9
    Join Date
    Jan 2007
    Location
    Jena, Germany
    Posts
    2,721
    Also revoke CONNECT privileges from group PUBLIC - otherwise, the revoke of the privilege from the user won't give you anything at all.
    Knut Stolze
    IBM DB2 Analytics Accelerator
    IBM Germany Research & Development

  10. #10
    Join Date
    Nov 2005
    Location
    IL
    Posts
    557
    I am amazed that there are places that still give access to public. Oh wait, place where I work does <eyes rolling>
    --
    IBM Certified DBA on DB2 for Linux, UNIX, and Windows

    DB2 v9.7.0.6 os 6.1.0.0

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •