Getting Started with WebSphere Application Server
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Chapter 8 – Security 155<br />
Figure 8.7 – Portlets for Community Edition administrative configuration<br />
8.5 Securing your data <strong>with</strong> trusted contexts<br />
Trusted contexts provide a way to build fast and more secure three-tier applications. A three-tiered<br />
application consists of a database server such as DB2, a middleware server such as Community Edition,<br />
and end users. With this model, Community Edition is responsible for accessing the DB2 database server<br />
on behalf of end users. Trusted context support ensures that an end user's DB2 database identity and<br />
DB2 database privileges are used when Community Edition performs any database requests on behalf of<br />
that end user.<br />
The user's identity is always preserved for auditing and security purposes. When you require secure<br />
connections, trusted contexts improve performance because you do not have to get new connections.<br />
A trusted context is an object that the DB2 database administrator defines that contains a system<br />
authorization ID and a set of trust attributes, like the IP address, that identify a connection as trusted. The<br />
relationship between a database connection and a trusted context is established when the connection to<br />
the database server is first created, and that relationship remains for the life of the database connection.<br />
Community Edition can use that database connection under a different user <strong>with</strong>out re-authenticating the<br />
new user at the database server.<br />
To avoid vulnerability to security breaches, a Community Edition server using these trusted methods<br />
should not use untrusted connection methods.<br />
Note:<br />
For more information about trusted contexts, refer to the article<br />
http://www.ibm.com/developerworks/data/library/techarticle/dm-0609mohan/index.html<br />
and this tutorial that uses Data Web Services and trusted context <strong>with</strong> IBM Data Studio:<br />
http://www.ibm.com/developerworks/edu/dm-dw-dm-0805misra2-i.html