Home » Tech Reference » How To Use Source Security

How To...

Use Source Security

When integrating multiple data sources through MetaMatrix, there are two general approaches that can be taken as far as source security: use an 'application' logon for each source (defined in connector bindings), or use the source's security mechanism. The latter requires that the source security information be passed into MetaMatrix. This information will flow down to the connector framework where it will be used to connections to the source using the source credentials.

NOTE
This capability is only available for MetaMatrix Enterprise.


Overview

This page describes how MetaMatrix can use the security mechanisms of individual data sources when federating data across multiple sources.

The use of source security is driven off the credentials JDBC property. For example:

jdbc:metamatrix:vdb@mm://host:port;credentials=<some value>

Use Cases

There are 3 basic use cases:

  1. Specify the credentials for all sources
  2. Pass the MetaMatrix logon credentials to all sources
  3. Some combination of these

1. Specify Source Credentials

This use case is for when you want to specify the logon credentials for all the source systems in the JDBC URL. The form of the credentials property is:

credentials=(system=<sys1>,user=<uname>, password=<pwd>/system=<sys2>,...)

Note that any property can be specified for a system, using the name=value syntax, as long as the connector associated with the source understands the property or can pass it to the source. The following properties are "well-known" and required:

  • system - The name of the system; this must correspond to the connector binding name
  • user - The username that can be used to connect to the system; must be valid user of the system being accessed
  • password - The password for the user in the target system; the user and password are used to authenticate to the target system

The following is an example where the credentials for the two source systems are passed into MetaMatrix in the JDBC URL.

Example
jdbc:metamatrix:MyVDB@mm://HostA:5001; credentials=(system=s1,user=u1,password=p1/ system=s2,user=u2,password=p2)

2. Use MetaMatrix Connection Credentials

This use case is for when you want to use the same credentials for all the source systems as used when establishing a connection to MetaMatrix. That is, you want to pass the user and password that you passed into MetaMatrix down to each source (which presumably can authenticate using those credentials).

The following is an example where the MetaMatrix credentials (passed into MetaMatrix in the JDBC URL) are passed to each source.

Example
jdbc:metamatrix:MyVDB@mm://HostA:5001;credentials=defaultToLogon

3. Combination

This use case is a combination of cases 1 and 2.

Example
jdbc:metamatrix:MyVDB@mm://HostA:5001; credentials=defaultToLogon,(system=s1,user=u1,password=p1)

Configuring Connectors

When source security is used, the connector bindings for the sources must be configured appropriately. Here is an example:

  • Connector binding name - this is the name used in the system part of the credentials property
  • Extension connection factory class name:
    • com.metamatrix.connector.jdbc.oracle.OracleUserIdentityConnectionFactory