Setting Pass-Through Credentials for JDBC Clients

When data sources are configured to use pass-through login, the TDV Server session credentials are used by default to log in to the data source when no other credentials have been set by the JDBC client. Different data source credentials can be specified using the JDBC driver to negotiate data source access. When a data source is configured to use pass-through login, a data source credential establishes the connection and session. Credentials set with the JDBC driver are only valid for use with data sources that have been configured to use pass-through authentication, and connections created with them are only valid for the current JDBC client session.

Each named resource can be set with a username-password pair when creating connections with resources configured to use pass-through login. This can also be done for a generic “null data source” setting instance for unspecified resources.

The setDataSourceCredentials() method, registers the data source pass-through credentials for the current session for each data source specified. It can be called as many times as is necessary to set credentials on each pass-through login-enabled resource from which data is to be retrieved.

Variable	Description
<fullpath>	Provides the full path to the data source or can be NULL. If the path refers to a data source that the user does not have privileges to access, the program returns an error message.
<username>	Only one username-password pair can be set for a path.
<password>	Password to the data source.

• For data sources configured to use pass-through, TDV does not re-use other connections, or sessions created by other users. Credentials set by the JDBC client are only available for the current client session. If the client connection is terminated abnormally, the connection is not returned to the pool for use by other clients.

• When the data source path matches a data source name for which credentials have been specified, those credentials are used to attempt data retrieval. To enhance security, any failure to connect or retrieve data with those credentials stops the retrieval process without attempts to use other credentials, even if suitable credentials were set on a NULL data source.

• If setDataSourceCredentials() is used to specify a user (e.g. 'userabc') normally, the data source will proceed to log in to the database server as this user. But the case in which the client has logged in to the TDV server as 'admin' is an exception. In this case, setDataSourceCredentials() is ignored and instead, TDV defaults to using the data source credentials to log in to the database server.

Note: When using pooled connections, it is recommended that JDBC clients clear any credentials that were set prior to returning the connection to the pool by calling the clearAllDataSourceCredentials (no arguments) method.

Reference	Description
Example 2: Set Data Source Credentials to Use Pass-through Data Sources	When data is requested from a data source enabled for pass-through login, the TDV Server first checks to see if the requesting client has credentials set for that named resource. If credentials have been set, they are passed through to establish a connection and session to get data from that source.
Example 3: Setting Credentials for Use with Any Pass-through Data Source	If no credentials have been set on the data source from which data is required, the TDV Server checks to see if the setDataSourceCredentials() method was used to set credentials on the null data source (NULL). If setDataSourceCredentials()was used to set credentials on the null data source, those credentials are used to attempt data retrieval.
Example 4: Set TDV Server Credentials to Use Pass-through Data Sources	If credentials have not been set on the specifically named data source or on NULL, the TDV Server tries to access the data source using the same login credentials as those used to establish a connection with the TDV Server.