ITEM: AB6747L

DDCS/6000: programmer/bind userid's

Question:

Pat needs to understand how she should set up many programmers
creating DDCS application programs.  Does each programmer
create applications on their own userid, or do they connect
as a common id? Where is this documented?
1.DDCS/6000 User guide - pg 39 - precompile & bind
2.Programming Guide - pg 80 - authorization checking
3.Programming Reference - pg 5 - Bind command
4.Programmer Reference - Appx D - Precompiler in-depth
5.Client Server Computing - GG24-3727-00 pg88 -
        DRDA & program preparation
6. DRDA Planning & Design Guide - GG24-3755-00 pg 51
        Program design techniques
7. DRDA Scenarios - CC24-3513-00 general examples.
8. Administration guide - pg 80 - Allowing indirect privileges
        through a package.

Response:

Called phone mail left message.

Response:

Pat called, asked a question, and I told her I would research and respond.              
I researched.  I called and left her a message.  She never called back.
That was almost a month ago.
So I called and left another message.  That was 3 weeks ago.
Now she is calling again and asking all over again, and wants
to talk to someone else. (See item AC1654 which I will close.)
Can someone call her at (215) 851-4577 to talk to her about:
Setting up a group of programmers that can test against one set
of databases, and then turn over the code to the DBA for production
use of a different database, and yet keep the userid & password out
of the compiles and SQL. And the authorities needed to get this done.

Response:

The following information is what I have received from DB2/MVS
developers and it should  answer your questions.
 Q: when DB2/6000 bind a package to DB2/MVS thru DDCS/6000,
    what is the collection id used by DB2/MVS?

 A: The userid that bound the package to DB2MVS is
    used as the collection id.


Q: and where are the owner and qualifier supplied?

A: The owner and qualifier are not specified by DB2/6000.
   DB2/MVS uses the defaults for these options which is
   the binder's id.

Q: How does people normally do security from DB2/6000? A: DB2/6000
restrictions for collection_ids make it difficult
   to support DB2/6000 packages in the normal DB2/MVS
   authorization scheme and package management. But,
   DB2/6000 V2 should eliminate all of these restrictions.
   V2 will be able to support all the DB2/MVS bind options
   for DB2/6000 packages being bound to a DB2/MVS server.
   Also V2 will support the SET CURRENT PACKAGESET SQL stmt
   for DB2/MVS servers.

Q: Do they use inbound translation? do they normally rebind
  the package at DB2/MVS to change the owner and qualifier?

A:  I have heard of customers that use all of the above
    techniques to get around these restrictions.
    For userids, DDCS restrictions on lowercase/uppercase
    userids for already verified connections will be
    eliminated. AIX SNA and DB2/MVS are planing to fold ids to the
    appropriate case. AIX SNA will fold userids to lower case
    when receiving ids from DB2/MVS. DB2/MVS will fold userids
    to upper case when receiving ids from DB2/6000.000038
    Currently DB2/6000 and DB2/MVS do not coexist very well.
    But DB2/6000 and DB2/2 V2 will help the situation
    considerable.



Support Line: DDCS/6000: programmer/bind userid's ITEM: AB6747L

Dated: January 1995 Category: N/A

This HTML file was generated 99/06/24~13:30:31

Comments or suggestions?
Contact us