Setting up login mapping for a data source
Login mapping enables a user to login to a repository and gain access to one or more of the database data sources that have been configured in that repository using a single user ID and password.
About this task
With login mapping, administrators can set up users so that they can login to a repository and access any data source without specifying another user ID and password that is specific to the database data source. By setting up login mapping, users do not have to continually reenter login information every time they access a database data source, and they do not have to know the login information for each database data source.
You set up login mapping for each data source that you include in the repository. Login mapping can only be set up for data sources that reside in protected repositories. Protected repositories are those repositories that were created with the security option Internal, LDAP, or Database-based. When setting up login mapping for a Db2 database users, you can use a trusted connection if a trusted context is created for the managed data source. In this case, the specified connection to the application is recognized as trusted and the database does not require individual user credentials.
- User X is a member of two groups, Group A and Group B. You have assigned a login mapping ID and password for Group A that gives all users assigned to Group A a certain level of access to the data source. You have assigned a login mapping ID and password for Group B that gives all users assigned group B a lesser level of access to the database data source. As a member of both groups, when User X accesses the data source, it is unclear what login information that should be used. Should it be the based on the user as a member of Group A or Group B. The Priority field resolves this issue. You would assign a priority value to the login information. For example, Group A is assigned a priority of 10 and Group B is assigned a priority of 5. When a user that is a member of both groups accesses the data source, access is granted based on the login information of the group, to which the user is a member, with the highest priority. In this example that would be Group A. It is important to note that in this scenario, you can not assign the same priority value to more than one group.
- User X is a member of two groups, Group A and Group B. However, User X must have a distinct level of access to a data source that is different than any other member of either group. You will use the Priority field to resolve this issue. You will assign a login mapping user ID and password to Group B and assign a priority value of 5 to the mapping information. You will assign a login mapping user ID and password to Group A and assign a priority value of 10 to the mapping information. You will assign a login mapping user ID and password for User X and assign a priority value of 25 to mapping information. When User X accesses the data source, the mapping information with the highest priority value will be used. It is important to note that in this scenario, you can not assign the same priority value to a group and individual user that is a member of the group.
The topics below describe how to set up login mapping with and without trusted connection.