Results 1 to 2 of 2
  1. #1
    Join Date
    Sep 2010
    Posts
    2

    Question Unanswered: Filter DB2 Accessses by IP

    Hi i got a little problem here.

    Is it possible to filter my database accesses by ip ?

    i have an instance db2inst01 with some databases version 9.5 for LUW.

    there are also some user accounts.

    now i got the problem that i want to give special roles by checking the IP from the User.

    for example:
    user001 opens a connection to my database01 from IP 192.168.1.250

    this ip is in the subnet/range 192.168.1.0/24 so i want to give the user the role admin with drop,insert,create...

    BUT if this user tries to connect from an IP outside the range above i want to give him the role "visitor" or to block/decline the access.

    Is there a possibility to solve this problem or an ordinary db2 statement i have read over ?

    thanks for your help
    Florian
    Last edited by banki24; 09-02-10 at 06:48.

  2. #2
    Join Date
    Sep 2010
    Posts
    2
    so after some tries i partially solved the problem.

    first i created a BLANK user "user007" without any privileges.

    account was not able to select * from any table.

    after that i created a role "test" with the privileges SELECT.

    i ve created a trusted context on my database with this command:


    CREATE TRUSTED CONTEXT AdminUserCtxt
    BASED UPON CONNECTION USING SYSTEM AUTHID test007
    ATTRIBUTES (ADDRESS '22.22.81.115')
    DEFAULT ROLE test
    ENABLE;

    after a connect the user was able to execute selects from the tables.

    to verify i changed the ip in the trusted context, and the user wasnt able to execute select any more

    it works with this simple privileges.

    maybe anyone knows a better or easier way ?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •