Securing data sources

Subtopics

• Java EE connector security
  The Java 2 Platform, Enterprise Edition (Java EE) connector architecture defines a standard architecture for connecting J2EE to heterogeneous enterprise information systems (EIS). Examples of EIS include Enterprise Resource Planning (ERP), mainframe transaction processing (TP) and database systems.

• Enable trusted context for DB2 databases
  Enable trusted context in the applications to improve how the application server interacts with DB2 database servers. Use trusted connections to preserve the identity records of clients that are connecting to a DB2 database through the applications; trusted connections can provide a more secure environment by granting access based on the identity of those users.

• Configure the application server and DB2 to authenticate with Kerberos
  The Kerberos authentication mechanism may be used when both WebSphere Application Server and the DB2 server are configured for Kerberos authentication. Kerberos authentication can provide single sign on (SSO) end-to-end interoperable solutions and preserves the original requester identity.

• (iseries) Configure data access security
  Safeguard access to the enterprise data by designating credentials that WAS uses to authenticate database connections.

• (zos) Connection thread identity
  The application server for z/OS allows you to assign a thread identifier as an owner of a connection, when you first obtain the connection. The thread identity function only applies to Java EE Connector Architecture (JCA) resource adapters and Relational Resource Adapter (RRA) wrappered JDBC providers that support the use of thread identity for connection ownership.

• (zos) Use thread identity support
  The thread identity function allows us to assign a thread identifier as an owner of a connection when you first obtain the connection. This function only applies to Java EE Connector Architecture (JCA) resource adapters and Relational Resource Adapter (RRA) wrappered JDBC providers that support the use of thread identity for connection ownership.