skip to main content
Configuring Security for OpenAccess SDK : About OpenAccess SDK security : Authentication
 

Authentication

Authentication allows the OpenAccess SDK Server to verify the identity of the OpenAccess SDK Client when the client connects to the OpenAccess SDK Server. If authentication fails, the OpenAccess SDK Client disconnects from the server.
You must set an authentication method separately for users who send data access requests and users who send OpenAccess SDK Manager requests. For example, you may want to use an operating system user ID for OpenAccess SDK Agent and Kerberos for Data Service activities.
Depending on the combination of client and server platforms involved in the connection, OpenAccess SDK supports the following authentication methods:
*Anonymous. The OpenAccess SDK Server accepts connections from any OpenAccess SDK Client without verifying the client’s identity.
*Operating system user ID and password. The OpenAccess SDK Server verifies the identity of the OpenAccess SDK Client using a user ID and password that must be valid for the platform on which the OpenAccess SDK Server is running. If verified, the server accepts the user ID as the identity of the client and permits the connection.
*Kerberos. Kerberos authentication uses Kerberos, a trusted third-party authentication service, to verify user identities. Kerberos authentication can take advantage of the user credentials maintained by the operating system to authenticate users to the database. This method requires knowledge of how to configure your Kerberos environment.
*NTLM. This option is supported for connections between OpenAccess SDK Server for Windows servers and ODBC Clients, ADO Clients, and .NET Clients on Windows only. The OpenAccess SDK Server verifies the identity of the OpenAccess SDK Client using the client’s Windows network logon credentials instead of a Windows user ID and password.
With all authentication methods, credentials are encrypted before they are sent over the wire. Credentials are never sent as clear text.
Although a user may be able to connect to the OpenAccess SDK Server, the user does not automatically have access to the data store that the OpenAccess SDK Server services.