IBM Support

What are the prerequisites or changes required at WAS level(Application server) when AUTHENTICATION is changed to DATA_ENCRYPT in DB2 server?

Technical Blog Post


Abstract

What are the prerequisites or changes required at WAS level(Application server) when AUTHENTICATION is changed to DATA_ENCRYPT in DB2 server?

Body

 

 

On DB2 server, we have a database manager configuration parameter - AUTHENTICATION, which specifies and determines how and where authentication of a user takes place. There are different options you could select based on your requirement. 

A value of DATA_ENCRYPT means the authentication takes place at the server and it expects the user IDs, passwords and data that is sent over the network to be encrypted.

In almost all cases, WAS uses JDBC/JCC type 4 connection type to connect to db2 server. 
So, please set the “securityMechanism" property to ENCRYPTED_USER_PASSWORD_AND_DATA_SECURITY, to specify programmatically which (DATA_ENCRYPT) authentication type the type 4 driver can use, by setting this property on the data source i.e. WAS.

Please review the following link for more details :

https://www.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.apdv.java.doc/src/tpc/imjcc_cjvjcsec.html
 
Important : After you make the above changes to database and client authentication settings, you must stop and restart the Websphere Application Server in order for it to pick up the change.
 

 

[{"Business Unit":{"code":"BU029","label":"Data and AI"}, "Product":{"code":"SSEPGG","label":"DB2 for Linux- UNIX and Windows"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":""}]

UID

ibm11140136