RE: AS/400 as ODBC database server question

This is the exact solution we are prompting from the vendor - have only one
user connection to the database (the database owner), and funnel all
application requests through it. Let application security decide whether
someone should do something, but let the database owner do the work. A fix
is in the works (for another client). Supposedly the other database
platforms (Oracle & MS SQL Server) have this "funneling" technique in place
- this seems to be an application support issue, and not a database issue.

This way, if a user need read-only access, it can be granted on a profile
basis. Our intention is to not allow any write access except through the
application, or "back-end" AS/400 programs that we will control.

/rant/
This seems to be another peg in the "AS/400 is inferior" argument - vendors
support some platforms adequately, and others half-a$$ed, in the guise of
openness. Then blame it on the AS/400.
/rant/

Loyd

-----Original Message-----
From: Sean Porterfield [mailto:sporter@bestdist.com]
Sent: Friday, July 27, 2001 9:43 AM
To: MIDRANGE-L@midrange.com
Subject: RE: AS/400 as ODBC database server question


Since I don't know how much (if any) control you have with how the program
works, this is just an idea.  If the end user provides a username/password
to the program for validation, and the program then sends its own
username/password to the AS/400, the end user doesn't need to know a real
AS/400 username/password and thus can't access the data any other way.

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---