We are in the planning stages of opening our Production database for direct access from a Java-based web application using EntireX Security. Our goal is to use a single/generic user id / password for authentication to EntireX and also be able to pass a separate user id/passowrd thru Natural RPC to validate against Natural Security. We currently use a single/generic user id/password the Natural RPC Server and pass the user id/password of the user in the ACI control block thru the Natural RPC Server. Our question is whether there are two separate sets of user id/passwords available in the control block or as a method/property of the Java Wrapper to support this configuration.
Our environment is as follows:
Windows 2000 server sp4, JBoss 4.2
Java
EntireX Java Wrapper
There are separate properties in the Java Wrapper to set the EntireX Security information and the Natural Security information. The Natural Security information is set via the methods
setNaturalLogon
setRPCUserId
setRPCPassword
setLibrary
and the EntireX Security information are the UserId and Password properties of the Broker object used to connect to the RPC Service - userid is set as a parameter of creating a new Broker object and the password is a parameter of the logon method.
Thanks, Doug. This is what I understood as well, just needed confirmation.
Another question with regard to the EntireX Security user id/password. Are there ways to restrict the EntireX Security user id (if a Unix user id is used vs. LDAP) from accessing Unix functions, such as making it a service account? We want to be sure we prevent access to any Unix commands or EntireX administrative functions from the generic EntireX Security user id should it be breached.