Consultor Eletrônico

Status: Unverified

GOAL:

For CorVu servers what is the difference between a secure server and an open server?

FIX:


The important distinction between an open and a secure server is that in a secure server the validation and access depends on the security that the DBMS (database management system) provides.
1. A secure server is a db connection configured in CorVu in such a way that the DBMS security is used. You should use a secure server if your DBMS has security features implemented, and the data in the database is sensitive in nature.
2. When you set up a secure server, you do not supply a username or password. Consequently, there will be no database username or password in the CorVu configuration files.
3. However, when you log into CorVu and select a secure server, the username that you type into CorVu must be valid on the database.
4. How it then functions:
4.1 If that username exists in CorVu -
- CorVu will use the security information for that username for CorVu security;
4.2 otherwise, if that username does not exist in CorVu, and a user called "*" exists -
- CorVu will use the security information for the asterisk ("*") user for CorVu security;
4.3 otherwise the user will be denied access.
5. The username that is used for CorVu security must have the "*" as the password. This tells CorVu that it needs to send the username and password that the user types in to the server for validation. Those user details are then passed to the DBMS for validation.
--------------------------------------------------------------
Thus - to summarize, for a secure server:
- the username must not be specified in the connection configuration
- the password must not be specified in the connection configuration
- the username typed in must exist in the database, and either this username or the user "*" must exist in the CorVu security
- the password typed in must be valid in the DBMS for the specified user
- the password in the CorVu security must be "*"