About Authentication

On most computer systems, a password is used to prove (authenticate) a user's identity. This password often is transmitted over the network and can possibly be intercepted by malicious hackers. Because this password is the one secret piece of information that identifies a user, anyone knowing a user's password can effectively be that user.

Authentication methods protect the identity of the user. DataDirect XQuery supports the following authentication methods:

User ID/password authentication authenticates the user to the database using a database user name and password.

Kerberos is a trusted third-party authentication service. The drivers support both Windows Active Directory Kerberos and MIT Kerberos implementations for DB2, Oracle, and Sybase. For Microsoft SQL Server, the driver supports Windows Active Directory Kerberos only.

Client authentication uses the user ID of the user logged onto the system on which the driver is running to authenticate the user to the database. The database server relies on the client to authenticate the user and does not provide additional authentication.

NTLM authentication is a single sign-on authentication method for Windows environments. This method provides authentication from Windows clients only.

Table 7-1. Authentication Methods Supported by DataDirect XQuery
Driver	User ID/ Password	Kerberos1	Client	NTLM
DB2 for Linux/UNIX/Windows	X	X	X
DB2 for z/OS	X	X	X
DB2 for iSeries	X		X
Informix	X
MySQL	X
Oracle	X	X	X	X
Microsoft SQL Server	X	X2		X
Sybase	X	X

1For DB2, Oracle, and Sybase, the drivers support the Windows Active Directory KDC and MIT Kerberos KDC. For Microsoft SQL Server, the driver supports the Windows Active Directory KDC only.

2Supported for Microsoft SQL Server 2000 and higher.