Gen Build Tool DB2 connection using Windows logon (OPT.DBPSWD plain text)
search cancel

Gen Build Tool DB2 connection using Windows logon (OPT.DBPSWD plain text)

book

Article ID: 384781

calendar_today

Updated On:

Products

Gen

Issue/Introduction

Currently use Gen 8.6 Build Tool (BT) to build Gen application locally as a Window Packaged (GUI C) application and use DB2 UDB connection to connect to a local DB2 database (IBM Data Studio).
The BT stores the DB2 User ID and Password in plain text under tokens OPT.DBUSER and OPT.DBPSWD:

Per directions from an IT audit, it has been requested that passwords not be stored in plain text and using Windows logon authentication has been suggested to connect to the local DB2 database. Is that possible?

Environment

Gen C/DB2 applications.

Resolution

Support reviewed the BT scripts build_lm_c.scr and build_ri_c.scr (directory %Gen86%\Gen\bt\scripts) and found they have an IF block for DB2 UDB precompile (PCC) step covering the condition of no value for BT token OPT.DBUSER:


build_lm_c.scr:

      {[ELSEIF]} OR EQUAL "{execunit.DBMS}" "DB2/2" {\}
                    EQUAL "{execunit.DBMS}" "DB2 UDB"
       CD "{LOC.CODE_SRC}."
           {[BLANKLINE]}
           {[IF]} NOT_EQUAL "{OPT.DBUSER}" ""
        $(PCC) /INAME=STUB.SQC /DB={execunit.DBNAME} /USER={OPT.DBUSER} /PASSWORD={OPT.DBPSWD} {OPT.DBPCCFLAGS}
           {[ELSE]}
        $(PCC) /INAME=STUB.SQC /DB={execunit.DBNAME} {OPT.DBPCCFLAGS}
           {[ENDIF]}
           {[BLANKLINE]}
      {[ENDIF]}

 

build_ri_c.scr:

      {[ELSEIF]} OR EQUAL "{execunit.DBMS}" "DB2/2" {\}
                    EQUAL "{execunit.DBMS}" "DB2 UDB"
 CD "{LOC.RI_TRIG_SRC}."
        {[BLANKLINE]}
        {[IF]} NOT_EQUAL "{OPT.DBUSER}" ""
   $(PCC) /INAME={member.MEMBER}.SQC /DB={execunit.DBNAME} /USER={OPT.DBUSER} /PASSWORD={OPT.DBPSWD} {OPT.DBPCCFLAGS}
        {[ELSE]}
   $(PCC) /INAME={member.MEMBER}.SQC /DB={execunit.DBNAME} {OPT.DBPCCFLAGS}
        {[ENDIF]}


      {[ENDIF]}


Also the default DB2 precompiler source file tidb2prp.sc (directory %Gen86%\Gen\ddl) used to build the precompiler TIDB2PRP.EXE shows it handles the no userid value use case:

   if (strlen(User) == 0)
      EXEC SQL CONNECT TO :dbName;
   else
      EXEC SQL CONNECT TO :dbName USER :User USING :Password;

The DDL installer program TIDB2DDL.EXE source "%Gen86%\Gen\ddl\tidb2ddl.sc" has similar code for the no userid value use case.

Support tested in-house on a Windows VM with DB2 installed and logged on to Windows with DB2 admin user id db2admin.
They started the Gen Build Tool (BT) and set the DBMS DB2 profile tokens OPT.DBUSER and OPT.DBPSWD to no value.
They were able to install DDL for a new database GENDB2 and build CASCADE RI Triggers and load module GUIMENU.
See attached sample model zip file.

Using this process would of course require the logon user to be the owner or have access to the tables for the precompile step to be successful.

Additional Information

This process will also be successful for Cooperative Packaged C applications where the Server Managers access DB2. The same "c" build scripts listed above are used. 

Attachments

sampudb2.ief.zip get_app