Examples of specifying authentication requirements for trusted connections

These examples show how to specify authentication requirements for trusted connections by using the WITH USE FOR clause and the WITH AUTHENTICATION and WITHOUT AUTHENTICATION attributes.

Example 1: Specifying authentication requirements for a group of users

The WITH USE FOR clause specifies which users can share a trusted connection. The PUBLIC attribute specifies that any user can connect through a trusted-connection switch request.

In this example, the trusted-context object tcx1 grants user newton a trusted connection if the request comes from the IPv4 address 192.0.2.1. The trusted connection can be switched to any other user, and switching does not require a password from the new user.

CREATE TRUSTED CONTEXT tcx1
  USER newton
  ATTRIBUTES (ADDRESS '192.0.2.1')
  ENABLE
  WITH USE FOR PUBLIC WITHOUT AUTHENTICATION;

Example 2: Specifying authentication requirements for specific users

The WITH AUTHENTICATION clause specifies that switch requests from the specified user or group of users require authentication (a password). WITH USE FOR clauses that do not specify WITH AUTHENTICATION do not require a password for switching.

In this example, the trusted-context object tcx2 grants user newton a trusted connection if the request comes from the IPv4 address 192.0.2.1. The trusted connection can be switched to brock if brock provides a password. The trusted connection can be switched to hayes without a password.

CREATE TRUSTED CONTEXT tcx2
  USER newton
  ATTRIBUTES (ADDRESS '192.0.2.1')
  ENABLE
  WITH USE FOR brock WITH AUTHENTICATION,
               hayes WITHOUT AUTHENTICATION;
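
The following audit helper is an added example, not part of the original documentation or of any product tooling. It reads CREATE TRUSTED CONTEXT statements and reports every switch target that needs no password, including targets that omit the authentication attribute. The function names and the tcx3 statement are hypothetical, and the regular expressions assume only the syntax forms shown in the two examples above.

```python
import re

# Constructed sample DDL: tcx1 and tcx2 are the examples above; tcx3 is a
# made-up statement whose second user omits the authentication attribute.
SAMPLE_DDL = """
CREATE TRUSTED CONTEXT tcx1
  USER newton
  ATTRIBUTES (ADDRESS '192.0.2.1')
  ENABLE
  WITH USE FOR PUBLIC WITHOUT AUTHENTICATION;

CREATE TRUSTED CONTEXT tcx2
  USER newton
  ATTRIBUTES (ADDRESS '192.0.2.1')
  ENABLE
  WITH USE FOR brock WITH AUTHENTICATION,
               hayes WITHOUT AUTHENTICATION;

CREATE TRUSTED CONTEXT tcx3
  USER newton
  ATTRIBUTES (ADDRESS '192.0.2.1')
  ENABLE
  WITH USE FOR brock WITH AUTHENTICATION, hayes;
"""

STMT = re.compile(r"CREATE\s+TRUSTED\s+CONTEXT\s+(\w+)(.*?);", re.I | re.S)
USE_FOR = re.compile(r"WITH\s+USE\s+FOR\s+(.*)", re.I | re.S)
ENTRY = re.compile(r"^(\w+)(?:\s+(WITH|WITHOUT)\s+AUTHENTICATION)?$", re.I)

def switch_rules(ddl):
    """Return {context_name: {switch_user: password_required}}."""
    rules = {}
    for name, body in STMT.findall(ddl):
        clause = USE_FOR.search(body)
        users = {}
        for item in (clause.group(1).split(",") if clause else []):
            m = ENTRY.match(" ".join(item.split()))  # collapse whitespace
            if m is None:
                raise ValueError(f"unrecognised WITH USE FOR entry: {item!r}")
            # Only an explicit WITH AUTHENTICATION requires a password;
            # WITHOUT AUTHENTICATION and an omitted attribute do not.
            users[m.group(1)] = (m.group(2) or "").upper() == "WITH"
        rules[name] = users
    return rules

def passwordless_switches(ddl):
    """Sorted (context, user) pairs that can be switched to with no password."""
    return sorted((ctx, user) for ctx, users in switch_rules(ddl).items()
                  for user, needs_password in users.items() if not needs_password)
```

A ("tcx1", "PUBLIC") entry in the result means any user can be switched to without a password on that context, so it is the finding to review first.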