A trusted context is a database object that defines a trust relationship for a connection between the wire listener and the DB2® database.
For more information on the use of trusted context, go to Trusted contexts and trusted connections
To run requests on the DB2 database, the wire listener establishes a connection to the database with the authentication information of the wire listener proxy user. By default, all processing is done under the authorization of this proxy user.
In authenticated mode, the wire listener uses the registry file to identify application user authorizations and perhaps a context user association. If such an association is found, the proxy user establishes a connection and sets the trusted context that is based on the registry information. The database request is run with the trusted context authorization.
For example, Jane, Jill and Joe are in the J-group and need the same privileges. The DB2 database user juser is authorized to run requests, and a trusted context is established for juser. With juser associated as context user in the registry file to Jane, Jill and Joe, all three user's requests run with the DB2 context user juser.
DB2 create TRUSTED CONTEXT CTX BASED UPON CONNECTION USING SYSTEM AUTHID db2user attributes (ADDRESS '192.168.1.101') ENABLE WITH USE FOR db2user2,db2user3 WITHOUT AUTHENTICATION
wplistener.sh €“register -registrationFile /tmp/register.cfg -action configureInstance -authenticate yes -accessType local -context use
wplistener.sh register -registrationFile /tmp/register.cfg -action configureSchema -schema products -authenticate yes -context use -contextUser db2user2
wplistener.sh €“register -registrationFile /tmp/register.cfg -action configureSchema -schema orders -authenticate yes -context use -contextUser db2user2
wplistener.sh €“register -registrationFile /tmp/register.cfg -action addUser -user Alice -password alicepwd -schema products -contextUser db2user2
wplistener.sh €“register -registrationFile /tmp/register.cfg -action addUser -user John -password johnpwd -schema products
wplistener.sh €“register -registrationFile /tmp/register.cfg -action addUser -user Mary -password marypwd -schema orders -contextUser db2user3
wplistener.sh -start -mongoHost localhost -mongoPort 27111 -userid db2user -password passw0rd -debug -registrationFile /tmp/register.cfg -logPath /tmp/wllog -host 192.168.1.101:50000 -dbName jsondb
$mongo –host localhost –port 27111
connecting to: localhost:27111/test
> use products
switched to db products
> db.employee.find()
{ "errmsg" : "unauthorized", "ok" : 0 }
> db.auth("Alice", "alicepwd")
1
> db.employee.find()
{ "_id" : ObjectId("528d5402c841086421000001"), "name" : "Joe", "age" : 50 }