Hitachi Vantara Pentaho Community Forums
Results 1 to 4 of 4

Thread: Database connection to AS400

  1. #1

    Default Database connection to AS400

    Hi everyone out there,
    I have been using the database input and output steps with connetion to AS400 through JDBC withouout any problems.
    For the user ID and password, I just simply Hard-coded within the connection setting.
    However, recently I need to think about security concerns and testing with the user ID and password left blank in the connection setting.

    As I try to run the transformation in spoon or pan, I will get the Signon dialog to prompt me for the userid and password.
    This dialog seems not working at all! I wonder if this is part of Kettle, or part of JT400??

    Does anyone out there know of any answers??

    Thanks in advance,
    Alex

  2. #2
    Join Date
    May 2006
    Posts
    4,882

    Default

    The dialog is not in Kettle... pretty sure.

    For security reasons... use variables for userid and password.

    Regards,
    Sven

  3. #3

    Default

    Thanks for your quick reply, Sven!
    Your suggestion to use variable, could you explain?
    So far, I know I can set variables in kettle.properties to define my database connection userid and password, but the method still post security problems since anyone who can access the machine will have chance to discover the password...
    Any suggestions?
    Thanks,
    Alex

  4. #4
    Join Date
    May 2006
    Posts
    4,882

    Default

    Security is always going to be a "problem".

    PDI needs to know the user-id and password to logon to its connections. So the person who has access to PDI on the system you run it from will always have access to the userid and password. You can try to encrypt/obfuscate as is done now with the passwords, but if you have someone who's willing to spend some time on it he will be able revert it.

    One other possible solution would be to use JNDI to get at the connections, but then the person with administrator JNDI access will see your userid and password... and JNDI access in PDI still has some small problems currently.

    What most people seem to do is to have a userid with limited access. That userid/user owns private files containing userid and passwords. And if you forget about root/administrator access for a while your security is relatively fine.

    Regards,
    Sven

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.