Previous Topic

Next Topic

User Authorization Using Netutil and Ingnet

To access remote node connections, all Ingres Star users must run netutil or ingnet on the Ingres Star node and define their remote user authorizations to each remote node. To access a local Star Server, all Ingres Star users must run netutil or ingnet and define their logins to their accounts on their local node.

Users only need define their authorizations to each remote node and the local node once. The authorizations remain until the users choose to delete them with the netutil or ingnet utilities.

If a user's password is changed on one of the remote nodes, the corresponding netutil or ingnet authorization must be changed accordingly.

For complete details about the netutil or ingnet utilities, see the System Administrator Guide and online help.

Previous Topic

Next Topic

Global and Private Authorizations

The authorizations defined in netutil or ingnet can be globally entered by the Net system administrator and used by all users, or they can be private entries.

Previous Topic

Next Topic

Group Accounts

As an alternative to allowing each user private authorization to each remote node, the Net system administrator may define a login to serve as a group account for each local node and define global access to this account through netutil or ingnet. Ingres Star will connect to Ingres on the local node using the group account name and not the Ingres Star user's name.

For example, consider the following configuration:

Dave uses Ingres Star on node london to access data from the paris node. Ingres Star's session with the database on paris will be in the name of francis; Dave is able to access only those tables with permissions granted to the francis login.

Previous Topic

Next Topic

Private Accounts

In most cases, the individual user will want to define a private authorization to a node even if the node itself is defined globally. Defining authorizations for any node makes sense only if the authorized user has access to a login account on that node.

Previous Topic

Next Topic

How User Authorization to the Local Node Is Established

The local vnode name is generated for you automatically when you install Ingres Star. The name is stored as the configuration parameter local_vnode. The local_vnode name is viewable through the CBF or Visual CBF utilities. For details, see the System Administrator Guide.

Previous Topic

Next Topic

Authorization in Netutil and Inget for Recovery

For Ingres Star to perform two-phase commit recovery after a failure, there must be a netutil or ingnet authorization on the node where the Star Server resides for the owner of the Ingres installation or the Ingres Star installation. The netutil or ingnet authorization must be defined for every node referenced in each database accessed by the Star Server.

For example, Ingres Star running on node New York references nodes London, San Francisco, and Tokyo. On the New York node, there must be netutil or ingnet entries for the installation owner or the system administrator to all three remote nodes referenced (London, San Francisco, and Tokyo).

Previous Topic

Next Topic

Authorization Examples

This section gives examples of using installation passwords or netutil or ingnet to define the network configuration of a Ingres Star database.

Previous Topic

Next Topic

Example 1

In the following diagram, client and Ingres Star installation reside on node_A. Tables in the distributed database, node_A::sales/star, are registered from databases node_B::b_sales/ingres and Node_C::c_sales/ingres.

Users of node_A::sales/star can now access registered tables from node_B::b_sales/ingres and node_C::c_sales/ingres without each having to provide private remote authorization from node_A to both node_B and node_C.

Previous Topic

Next Topic

Example 2

In the following diagram, the Ingres Star application and the Star Server both run on Node A. The Ingres Star distributed database consists of an SQL Enterprise Access on Node B and an Ingres local DBMS on Node C.

The netutil or ingnet requirements for running the application on Node A are as follows:

Previous Topic

Next Topic

Example 3

In this example, the Ingres Star application runs on Node A and connects to a Star Server on the remote node, Node B. There is an Ingres local DBMS on Node C.

The netutil or ingnet requirements for running the application on Node A are as follows:

Note that netutil or ingnet must be used on both Node A and Node B.

Previous Topic

Next Topic

Example 4

In this example, the Ingres Star application, the Star Server, and the local databases are all on the same installation on one node.


© 2007 Ingres Corporation. All rights reserved.