TS ODBC DataServer (Security Overview)TS ODBC DataServer (Security Overview)
Security is a major issue especially in the accessing multi-user applications. With ad hoc ODBC-enabled query tools available, it is important to insure that only authorized users are able to query and modify your application's data. This section describes:
TS ODBC enforces database-user connection security. The security features are comprehensive and flexible and should cover virtually all user requirements for connection level security. For complete details on OPENworkshop® or Dictionary-IV security, see the appropriate reference manual.
A Client Connection requesting access to a Thoroughbred DataSource requires an IDOL-IV login. The ODBC Driver will attempt to determine an automatic login and password prior to prompting the user using one of the methods below:
If a login and password cannot be found, or the above fails authentication, the ODBC Driver prompts for them. For more information, see the User Login and Authentication section.
A connect request is sent to the server with whatever information is available. The server will complete the connection and return the result of the login procedure below. The ODBC Driver will request any missing information from the user and send the results to the server. This is repeated until all needed information is verified or the user cancels.
User Login and Authentication
If the automatic login fails, the user will be prompted for a login and password. The Login dialog box prompts for either User-ID (if OPENworkshop security is active) or Operator Code (if IDOL-IV passwords is active).
If the user is prompted for a User-ID, it will be validated against the OPENworkshop security file (typically a UNIX login). If OPENworkshop security is active and the User-ID and a Shadow Password file exist, it will be used for password validation. Otherwise, the Operator Code will be used for validation and the Operator Code password will be checked. For more information, go to the View user ids option from the OPENworkshop Security Menu or see the OPENworkshop Reference Manual.
Each OPENworkshop User-ID is linked to an IDOL-IV Operator Code.
LINK (Tables) Security
The following tests are performed, if either OPENworkshop security or IDOL-IV security password is active.
DATANAME (Column) Security
Dataname Security does not require the IDOL-IV security being active. If security is inactive or there is no security value (Format) for a dataname, '0,0'will be used as the security value. If group codes are present and the user is a member of one of the groups, the group security code is used instead. The effect of the Dataname Security on each ODBC operation is:
RECORD LEVEL (Row) Security
Record level security can only be used when OPENworkshopsecurity is active. Record level security is indicated by a security-mode 4 (Format) on a two-character column. If group codes are present ant the user is a member of one of the groups, the group security code is used instead. The effect of Record level security on each ODBC operation is:
Thoroughbred, OPENworkshop, and IDOL-IV are registered trademarks of Thoroughbred Software International, Inc.