What Are the Methods for Connecting to the Database?

Users are authenticated for database access according to the login procedure assigned to the database service.

There are three ways to set up database user authentication:

  • Specify the database user name and password in the database interface configuration file.

  • Have all users authenticate as the same database user (sometimes referred to as the USE_PRIVILEGED_ID method).

  • Have each user authenticate individually (sometimes referred to as the USE_USER_ID method).

These methods are explained in more detail in the following topics. Choose the method of access that meets your data security and auditing needs.

Note: 

Database users are created in the database using tools provided by the vendor. The same users must also be created in the Landmark system using Landmark tools.

Specify the User Name and Password in the Database Interface Configuration File

A single privileged user logs into the database.

The database user name and password are stored in the $LARUNDIR/dataarea/db.cfg file, in clear text. When using this method, you do not need to configure a login scheme for the database service or enter a value for the SERVICENAME parameter in the db.cfg file.

Caution: 

If you choose to use this method, make sure you secure the db.cfg file.

This is the default login procedure.

Use Each User's Identity

Each user is authenticated separately by the database.

This method has a login procedure of USE_USER_ID. Each actor is mapped to a specific database identity, which is stored in the GEN database or LDAP directory. To implement this method, you must create a database service.

This method requires that SERVICENAME parameter is defined as the database service in the $LARUNDIR/dataarea/db.cfg file.