Yeah - I agree. I misread the original description of how the application worked. I thought that there was some front-end tier (the Powerbuilder bit) that connected to the SQL Server.
From: Steve Kradel [mailto:[email protected]] Sent: Tuesday, 29 May 2012 12:49 PM To: NT System Admin Issues Subject: Re: PowerBuilder ODBC connection to SQL with alternate credentials Michael: Is this thing 3-tier or 2-tier? (If 3-tier, why would the desktop application be aware in any way of where the database lives?) Could you please explain what you mean by a "mainframe" vs "'local' or client/server" database? The only distinctions I'd draw would be between a database that the client accesses directly, and one that only the middle tier works with. I've never heard of ClientBuilder before; just opining on what I've seen as a developer and would expect from an app of this vintage. Ken: If the clients are hitting the database directly, it seems clear that the app design did not contemplate the number of concurrent database connections as a bottleneck. In a typical web application, we like database connection pooling primarily to manage the database client side resources on the web application server while also reducing connection setup/teardown time. I certainly would not rule out something that modern doctrine considers "non-scalable" as impractical or unrealistic for an old business app. There are a lot of pitfalls with letting clients pester a relational database directly, but that used to be the way of things unless you had the money to spend on middleware. --Steve On Mon, May 28, 2012 at 8:42 PM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: I'm still working with Christopher. There are several challenges here. We are talking about ClientBuilder, not PowerBuilder. ClientBuilder generally contacts a mainframe DB, not a "local" or client/server DB. So, it is common to execute a client application (built in ClientBuilder) that accesses a mainframe DB via a specified username/password or via a default username/password that is not the same as the username/password of the user executing the client application. From: Steve Kradel [mailto:[email protected]<mailto:[email protected]>] Sent: Monday, May 28, 2012 4:43 PM To: NT System Admin Issues Subject: Re: PowerBuilder ODBC connection to SQL with alternate credentials This thread's a little old, but I meant to chime in with one reasonably major point: switching off user-specific authentication and authorization to the database server can have many ill consequences if that is the core of the system's security model. There might be no other tier to this thing (and there probably isn't, given the system's age and the state of PowerBuilder-type development twelve years ago)... If you bump it over to a static, SQL-based identity, the application could lose all context of who is logging in, taking an action, etc. Question is, why do you want to hard-code credentials into the connection string? What is wrong with Windows authorization to SQL? --Steve On Thu, May 24, 2012 at 4:55 PM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: Uh.... Sure, WTH. No promises. When I last used it, it was on Sybase SQL 4.1 (just before it became Microsoft SQL). From: Christopher Bodnar [mailto:[email protected]<mailto:[email protected]>] Sent: Thursday, May 24, 2012 4:37 PM To: NT System Admin Issues Subject: RE: PowerBuilder ODBC connection to SQL with alternate credentials Any interest in looking at some of the code? Thanks Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459<tel:610-807-6459> 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:[email protected]> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: "Michael B. Smith" <[email protected]<mailto:[email protected]>> To: "NT System Admin Issues" <[email protected]<mailto:[email protected]>> Date: 05-24-12 04:11 PM Subject: RE: PowerBuilder ODBC connection to SQL with alternate credentials ________________________________ Wow, that's a blast from the past. I haven't used that since around 1998/99. It's now part of Progress Software and called Z/Presentation. From: Christopher Bodnar [mailto:[email protected]] Sent: Thursday, May 24, 2012 3:04 PM To: NT System Admin Issues Subject: RE: PowerBuilder ODBC connection to SQL with alternate credentials Update, the developer just informed me that this is not PowerBuilder, but ClientBuilder. I've never heard of this before. Not even sure they are around. This is the only thing online that I've been able to find that references it: http://www.thefreelibrary.com/ClientSoft+Announces+ClientBuilder+8.0%3B+New+Version+Offers...-a0123206721 Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459<tel:610-807-6459> 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:[email protected]> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: Christopher Bodnar <[email protected]<mailto:[email protected]>> To: "NT System Admin Issues" <[email protected]<mailto:[email protected]>> Date: 05-24-12 10:33 AM Subject: RE: PowerBuilder ODBC connection to SQL with alternate credentials ________________________________ Thanks Michael, That is actually where the example I listed below came from. I've also got an example of a PowerBuilder 9 app that shows how to do it. So I can't believe that functionality doesn't exist in PowerBuilder 8.5.1. My guess is that the code is wrong, and I've asked for the developer to send it over for me to review. Thanks for your help. Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459<tel:610-807-6459> 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:[email protected]> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: "Michael B. Smith" <[email protected]<mailto:[email protected]>> To: "NT System Admin Issues" <[email protected]<mailto:[email protected]>> Date: 05-24-12 10:08 AM Subject: RE: PowerBuilder ODBC connection to SQL with alternate credentials ________________________________ Yes. See here for samples: http://www.connectionstrings.com/sql-server-2008 From: Christopher Bodnar [mailto:[email protected]] Sent: Thursday, May 24, 2012 9:55 AM To: NT System Admin Issues Subject: OT: PowerBuilder ODBC connection to SQL with alternate credentials Got a call from a developer. Seems there is an old PowerBuilder 8.5.1 application that currently uses the users current credentials for the ODBC connection to a back end SQL server. The question to me was, can they have it use alternate credentials. So the user would logon to Windows, the app would authenticate them using their windows logon, but the ODBC connection in the application would use an alternate set of credentials to connect to the SQL database. I'm not a developer and I don't know PowerBuilder at all, but shouldn't this be possible with the connection string in the application? Something like this? Driver={SQL Server Native Client 10.0};Server=myServerAddress;Database=myDataBase;Uid=myUsername;Pwd=myPassword; Any help appreciated. Thanks Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459<tel:610-807-6459> 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:[email protected]> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>
