为数据源使用连接池可能会导致基于角色的安全性破坏。IBM Informix 服务器中对可信连接和可信上下文的支持能够灵活地重用连接,向中间层授予受控的权限,以及在三层应用程序中加强用户责任性而不损害其数据库安全性,所有这些都改善了系统性能。
本文将讨论可信连接和可信上下文,展示如何使用 JDBC、ESQL/C 和 ODBC 驱动程序管理可信上下文。
在传统的三层应用程序模型中,您只有在成功授权之后才能与交互,检查和审计由中间层执行。即使有多个用户登录到中间层,中间层也仅使用单个用户 ID 来访问,而且会在所有资源上授予权限。此模型无法获取尝试访问数据库的实际用户身份,以进行访问控制。另外,如果中间层用户 ID 被盗用,可能导致严重的安全威胁。
为了在中间层服务器与数据库服务器之间实现惟一的交互组,Informix 中引入了可信数据库连接 的概念。可信上下文 是在数据库服务器上创建的一种数据库安全对象,它定义了一个可信数据库连接的属性。在连接属性与 Informix 服务器上定义的惟一可信上下文属性匹配时,就会建立可信连接。中间层服务器建立可信连接后,可重用同一个物理连接,而无需在数据库服务器上对最终用户重新进行身份验证。
从应用程序开发人员的角度讲,可信连接的重要性离不开这样一个事实:单个数据库连接可与其他用户共享,同时维护每一个尝试访问数据库的应用程序或用户的 ID。对用户权限的控制有助于适当地授予或限制用户对敏感资源的访问,进而提高系统安全性和用户责任性。
使用 Informix 客户端驱动程序管理可信上下文
在本节中,您将学习如何创建、修改和丢弃一个可信上下文。要创建和管理可信上下文,您的应用程序必须通过 TCP/IP 连接 Informix 服务器。以下 Informix 客户端驱动程序通过公开后面几节中将探讨的相关 API 来支持可信连接。
- IBM Informix JDBC 驱动程序
- IBM Informix ODBC 驱动程序
- IBM Informix ESQL/C 驱动程序
建立可信连接
使用 JDBC 驱动程序
要在 JDBC 应用程序中请求一个可信连接,可将 TRUSTED_CONTEXT = TRUE; 属性包含在数据库 URL 中,如清单 1 中所示。
清单 1. 使用 JDBC 驱动程序连接
jdbc:informix-sqli://hostname:portnumber/database_name:INFORMIXSERVER = server_name; TRUSTED_CONTEXT = TRUE;
使用 ODBC 驱动程序
以下是通过 ODBC 建立可信连接的两种方式,一个示例如清单 2 中所示。
使用 SQLSetConnectAttr() API:
SQLSetConnectAttr(hdbc1,SQL_ATTR_USE_TRUSTED_CONTEXT,SQL_TRUE,SQL_IS_INTEGER));
使用连接字符串参数:
TRUSTEDCONTEXT=1; 或 TCTX=1;
清单 2. ODBC 驱动程序的样例连接字符串
"Server=ol_informix_1170;Host=9.124.123.54;Service=ol_informix_1170;Protocol=onsoctcp; Database=stores7;TRUSTEDCONTEXT=1;"
使用 ESQL/C 驱动程序
在 ESQL/C 中,可信连接使用 TRUSTED 关键字和连接语句,以及用户名和密码来建立,如清单 3 中所示。
清单 3. 使用 ESQL/C 驱动程序连接
EXEC SQL CONNECT TO 'database_name' USER 'informix' USING :infx_passwd TRUSTED;
MySQL String Types: Storage, Performance, and Best PracticesMay 10, 2025 am 12:02 AMMySQLstringtypesimpactstorageandperformanceasfollows:1)CHARisfixed-length,alwaysusingthesamestoragespace,whichcanbefasterbutlessspace-efficient.2)VARCHARisvariable-length,morespace-efficientbutpotentiallyslower.3)TEXTisforlargetext,storedoutsiderows,
Understanding MySQL String Types: VARCHAR, TEXT, CHAR, and MoreMay 10, 2025 am 12:02 AMMySQLstringtypesincludeVARCHAR,TEXT,CHAR,ENUM,andSET.1)VARCHARisversatileforvariable-lengthstringsuptoaspecifiedlimit.2)TEXTisidealforlargetextstoragewithoutadefinedlength.3)CHARisfixed-length,suitableforconsistentdatalikecodes.4)ENUMenforcesdatainte
What are the String Data Types in MySQL?May 10, 2025 am 12:01 AMMySQLoffersvariousstringdatatypes:1)CHARforfixed-lengthstrings,2)VARCHARforvariable-lengthtext,3)BINARYandVARBINARYforbinarydata,4)BLOBandTEXTforlargedata,and5)ENUMandSETforcontrolledinput.Eachtypehasspecificusesandperformancecharacteristics,sochoose
How to Grant Permissions to New MySQL UsersMay 09, 2025 am 12:16 AMTograntpermissionstonewMySQLusers,followthesesteps:1)AccessMySQLasauserwithsufficientprivileges,2)CreateanewuserwiththeCREATEUSERcommand,3)UsetheGRANTcommandtospecifypermissionslikeSELECT,INSERT,UPDATE,orALLPRIVILEGESonspecificdatabasesortables,and4)
How to Add Users in MySQL: A Step-by-Step GuideMay 09, 2025 am 12:14 AMToaddusersinMySQLeffectivelyandsecurely,followthesesteps:1)UsetheCREATEUSERstatementtoaddanewuser,specifyingthehostandastrongpassword.2)GrantnecessaryprivilegesusingtheGRANTstatement,adheringtotheprincipleofleastprivilege.3)Implementsecuritymeasuresl
MySQL: Adding a new user with complex permissionsMay 09, 2025 am 12:09 AMToaddanewuserwithcomplexpermissionsinMySQL,followthesesteps:1)CreatetheuserwithCREATEUSER'newuser'@'localhost'IDENTIFIEDBY'password';.2)Grantreadaccesstoalltablesin'mydatabase'withGRANTSELECTONmydatabase.TO'newuser'@'localhost';.3)Grantwriteaccessto'
MySQL: String Data Types and CollationsMay 09, 2025 am 12:08 AMThe string data types in MySQL include CHAR, VARCHAR, BINARY, VARBINARY, BLOB, and TEXT. The collations determine the comparison and sorting of strings. 1.CHAR is suitable for fixed-length strings, VARCHAR is suitable for variable-length strings. 2.BINARY and VARBINARY are used for binary data, and BLOB and TEXT are used for large object data. 3. Sorting rules such as utf8mb4_unicode_ci ignores upper and lower case and is suitable for user names; utf8mb4_bin is case sensitive and is suitable for fields that require precise comparison.
MySQL: What length should I use for VARCHARs?May 09, 2025 am 12:06 AMThe best MySQLVARCHAR column length selection should be based on data analysis, consider future growth, evaluate performance impacts, and character set requirements. 1) Analyze the data to determine typical lengths; 2) Reserve future expansion space; 3) Pay attention to the impact of large lengths on performance; 4) Consider the impact of character sets on storage. Through these steps, the efficiency and scalability of the database can be optimized.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SublimeText3 Linux new version
SublimeText3 Linux latest version
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
