The Adaptive Server directory service, such as the interfaces file, NT Registry, or LDAP service, defines the server address and port numbers, and determines the security protocols that are enforced for client connections. Adaptive Server implements the SSL protocol as a filter that is appended to the master and query lines of the directory services.
The addresses and port numbers on which Adaptive Server accepts connections are configurable, so you can enable multiple network and security protocols for a single server. Server connection attributes are specified with directory services, such as LDAP, or with the traditional Sybase interfaces file. See “Creating server directory entries”.
All connection attempts to a master or query entry in the interfaces file with an SSL filter must support the SSL protocol. A server can be configured to accept SSL connections and have other connections that accept clear text (unencrypted data), or use other security mechanisms.
For example, the interfaces file on UNIX that supports both SSL-based connections and clear-text connections looks like this:
SYBSRV1 master tcp ether myhostname myport1 ssl query tcp ether myhostname myport1 ssl master tcp ether myhostname myport2
The SSL filter is different from other security mechanisms, such as DCE and Kerberos, which are defined with SECMECH (security mechanism) lines in the interfaces file (sql.ini on Windows).
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
