Configuring rules and authentication for dashDB

Configure Server Event Facility (SEF) rules and set up authentication to provide access to IBM dashDB databases.

About this task

To complete configuration for access to dashDB databases, you must activate SEF rules and optionally set up authentication.

It is common for data centers to assign different user IDs for access to z/OS and for access to dashDB. By default, the server will attempt to log on to dashDB with the same user ID that was presented for logon to z/OS. A facility is provided in the server to optionally change the logon credentials for a user when accessing dashDB.

This task uses the following tools:

HLVSDDBC
An SQL rule that allows Meta discovery on dashDB databases.
HLVDRATH
A utility that sets encrypted passwords in GLOBALU variables. You can also use this utility to list existing credential information.
HLVEDDBG
An ATH rule that switches credentials when connecting to a dashDB database using DRDA. This rule uses AES encrypted passwords stored as GLOBALU system variables.

Procedure

  1. Auto-enable the SQL rule SHLVXSQL(HLVSDDBC) to allow Accelerator Loader studio Meta discovery on dashDB databases.
    1. On the Administer Accelerator Loader Server menu, select option 3 for Manage Rules.
    2. Select option 2 for SEF Rule Management.
    3. Enter * to display all rules, or SQL to display only SQL rules.
    4. Enable the rule by specifying E and pressing Enter.
    5. Set the rule to Auto-Enable by specifying A and pressing Enter.
      Setting the rule to Auto-enable activates the rule automatically when the server is restarted.
  2. Optional: To define alternate authentication information, use the sample job HLVDRATH to add a global default user definition or authentication information for specific mainframe users as follows:
    1. Locate the HLVDRATH member in the hlq.SHLVCNTL data set.
    2. Modify the JCL according to the instructions provided in the HLVDRATH member.

      When adding the SYSIN statements that define the alternate credentials for logging in to your dashDB database, as instructed in the JCL, make sure to specify the correct DBTYPE. For dashDB, specify DBTYPE=DASHDB.

    3. Submit the job.
    4. Optional: To verify the information stored in the GLOBALU variables and list existing authentication, use the REPORT=SUMMARY statement in the HLVDRATH member and submit the job.
  3. Optional: If using alternate authentication information, auto-enable the SEF ATH rule SHLVXATH(HLVEDDBG) to provide the logon credentials to each dashDB instance. Global variables are used to define alternate authentication credential mapping for the SEF ATH rule.
    1. On the Administer Accelerator Loader Server menu, select option 3 for Manage Rules.
    2. Select option 2 for SEF Rule Management.
    3. Enter * to display all rules, or ATH to display only authentication rules.
    4. Enable the rule by specifying E and pressing Enter.
    5. Set the rule to Auto-Enable by specifying A and pressing Enter.
      Setting the rule to Auto-enable activates the rule automatically when the server is restarted.