DB2 Kerberos Permissions
- Last Updated: December 3, 2024
- 1 minute read
- DataDirect Connectors
- JDBC
- IBM Db2 5.1
- MySQL 5.1
- Progress OpenEdge 5.1
- SAP Sybase 5.1
- Documentation
If using Kerberos authentication with a Security Manager on a Java Platform, you must grant security permissions to the application and driver.
To grant security permission for the DB2 driver, add the following code to the Java security policy file.
grant codeBase "file:/install_dir/lib/51/-" {
permission javax.security.auth.AuthPermission
"createLoginContext.DDTEK-JDBC";
permission javax.security.auth.AuthPermission "doAs";
permission javax.security.auth.kerberos.ServicePermission
"krbtgt/your_realm@your_realm", "initiate";
permission javax.security.auth.kerberos.ServicePermission
"principal_name/db_hostname@your_realm", "initiate";
};where:
install_dir- is the product installation directory.
your_realm- is the Kerberos realm (or Windows Domain) to which the database host machine belongs.
principal_name- is the service principal name registered with the Key Distribution Center (KDC) that identifies the database service.
db_hostname- is the host name of the machine running the database.