Service attributes that affect security

Table 26. Attributes Used to set security
Service Attribute	Description
DataSourceApplID	Specifies a list of application IDs for the service attribute.
DataSourceAutoApplId	Specifies an application ID that is automatically generated by the ODBC Client to identify the client application to the service.
DataSourceLogonMethod	Specifies the method to be used to log on to the data store.
DataSourceSSLDataEncryption	Specifies whether the complete session (logon and data exchange) is secured by SSL.
ServiceAdminAuthMethods	Specifies authentication mechanisms that the OpenAccess SDK Manager can use to authenticate itself to the server.
ServiceAdministrator	Sets authorization for users who are allowed to manage services using the OpenAccess SDK Manager.
ServiceAdministratorGroup	Sets authorization for defined Linux, UNIX, and Windows user groups who are allowed to manage services using the OpenAccess SDK Manager.
ServiceAdminKerberosPrincipalName	Specifies a service principal name other than the default service principal name to be used for Kerberos authentication for the OpenAccess SDK Agent service.
ServiceAuthMethods	Specifies one or multiple authentication mechanisms the service accepts.
ServiceAuthorizedAdminClient	Specifies one or multiple client TCP/IP network identifiers that are allowed to access the service using a client application.
ServiceAuthorizedClient	Specifies client TCP/IP network identifiers to limit the number of clients that are allowed data access connections to data access services.
ServiceKerberosPrincipalName	Specifies the case-sensitive service principal name to be used for Kerberos authentication to the data access service.
ServiceSSLCipherSuites	Specifies the supported cipher suites. The default is TLS_DH_anon_WITH_AES_128_CBC_SHA.
ServiceSSLEnabled	Specifies whether SSL is enabled for the OpenAccess SDK service. The Client encryption method must correspond to the value for this attribute.
ServiceSSLKeyStore	Specifies the pathname of the keystore file containing the server public key certificate and the private key.
ServiceSSLKeyStorePasswordFile	Specifies the path to the directory that contains the keystore password file.
ServiceSSLSessionCacheSize	Specifies the maximum number of SSL or TLS session identifiers that are cached on the OpenAccess SDK Server before the sessions are flushed from the cache.
ServiceSSLSessionCacheTimeout	Specifies the maximum time in seconds to keep a SSL or TLS session in the OpenAccess SDK Server session cache. The default is 300 seconds.
ServiceUser	Sets authorization for users who are allowed to access the service for data access. The setting can be affected by the value of ServiceAuthMethods.