i am using sybase 11 oem edition.when i try to create a table in sybase central it gives the following error.'Could not execute statement.Authentication violation.SQLCODE=-98, ODBC 3 State="08001"'.And when i try to create a table via program it is successfully creating the table without error.could you please help me to understand the behaviour of the oem edition.

asked 01 Aug '13, 03:27

Vijay%20S's gravatar image

Vijay S
105235
accept rate: 0%


For the OEM Edition you will have to set the database authentication option for each connection which is used by your application, so that SQLA can check if the application is allowed to access that DB server. The Sybase tools which come with the OEM edition will set the connection_authentication usually with a Sybase specific string, so that you are able to use these tools to access and manipulate your databases. So my guess is, that you are currently not using the tools, which come with the OEM edition.

permanent link

answered 01 Aug '13, 03:34

Martin's gravatar image

Martin
8.6k116151237
accept rate: 14%

Hi Martin,thanks for the information.when i am trying to do any DDL operation in sybase central without setting "SET OPTION PUBLIC.DATABASE_AUTHENTICATION...." i am getting authentication error.But if i do in program using normal jdbc connection it is executing without any problem, it should give me the same error right..I am not sure whether its a correct behavior or not.My requirement is to authenticate via JDBC connection..

(01 Aug '13, 05:16) Vijay S
Replies hidden
2

I think you are mixing two aspects:

A. The database itself must be authenticated once (and restarted once at least afterwards), i.e. by setting

SET OPTION PUBLIC.database_authentication =
 'company = company-name;
 application = application-name;
 signature = database-signature';

That's required to do any modification to a database running on the OEM edition - it doesn't matter whether you use Sybase tools or your own program.

B. Your own program (i.e. the database connections) must authenticate itself when accessing an authenticated database. That's done with the connection_authentication option as described by Martin and Reimer.

(01 Aug '13, 06:03) Volker Barth

I suppose your program is initializing the authentication that is required to make changes to the db. I you connect thru Sybase Centra, ISQL or other tools, you'll have to send the authentication string. From the docs:

SET TEMPORARY OPTION connection_authentication =
     'company = company-name;
     application = application-name;
     signature = application-signature';

See connection_authentication option [database]

This is not the only way to authentice your connection, but the first one that came to my mind.

permanent link

answered 01 Aug '13, 03:36

Reimer%20Pods's gravatar image

Reimer Pods
4.2k334583
accept rate: 11%

2

AFAIK, that's not true for Sybase Central and the other Sybase tools (and Martin seems to share that experience). From the v12.0.1 docs:

All the database tools included with SQL Anywhere, including Sybase Central, Interactive SQL, and the utilities, such as dbbackup, are self-authenticating. They are unrestricted in their operations against any authenticated database. If the database itself is not authenticated, the tools act in a restricted, read-only fashion.

So theses builtin tools do not need the specific OEM string, however, the particular app will need it.

(01 Aug '13, 04:46) Volker Barth

Hi Reimer, I wrote only a simple JDBC program to create a table to test the OEM authentication, but it didn't prompt any error. I didn't use the authentication string in my program but if we try via Sybase central, we are getting an error stating authentication violation..

(01 Aug '13, 05:20) Vijay S
Replies hidden

The reason, is that SQLA gives you a grace period of roughly 10 seconds before the connection is checked for authentication, so a simple open connection and execute statement will(might) succeed without authentication...

(01 Aug '13, 06:45) Martin
2

FWIW, the "grace period" is 30 seconds long, as specified here...

(01 Aug '13, 07:15) Volker Barth

Thanks for the explanation Martin and Volker :)..I am able to test it now. It throws an error after the grace period(30 secs).One last question,do we have any option to customize the grace period to prevent the statements which are executed within 30 seconds to get authenticated..

(01 Aug '13, 07:47) Vijay S
Replies hidden

On reviewing further we found that in the connection signature last 20 characters seems to be optional, we were able to authenticate without last 20 characters.Not sure whether its a common behavior or specific to our key.

(01 Aug '13, 08:14) Vijay S
Replies hidden

Hm, you may be able to use a login_procedure to delay the login (i.e. using WAITFOR ...) if the connection is not immediately authenticated. Note, I have never tried that myself.

(01 Aug '13, 08:34) Volker Barth

I'd suggest to ask that as a different question.

(01 Aug '13, 08:36) Volker Barth
showing 4 of 8 show all flat view
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×22

question asked: 01 Aug '13, 03:27

question was seen: 20,454 times

last updated: 01 Aug '13, 08:36