Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 12.0.0 » SQL Anywhere Server - Database Administration » Starting and connecting to your database » Using SQL Anywhere database servers » Running authenticated SQL Anywhere applications » Developing an authenticated application

 

Authenticating your application

An authenticated application must set the connection_authentication database option immediately after connecting. The option must be set on every connection immediately after the connection is established. ODBC or JDBC applications query the database about its capabilities, and you may not have control over these actions. For this reason, every connection has a thirty second grace period before the restrictions apply. The grace period allows an application to authenticate regardless of which development tool is being used.

You can use the Authenticated connection property to determine if the database has been authenticated:

SELECT CONNECTION_PROPERTY ( 'Authenticated' );

For more information about connection properties, see Connection properties.

The following SQL statement authenticates the connection:

SET TEMPORARY OPTION connection_authentication='company = company-name;
     application=application-name;
     signature=application-signature';
Note

Line breaks have been added to the syntax example to improve readability. However, the syntax should be executed without line breaks and without spaces between the equal sign and semi-colons.

The option must be set for the duration of the connection only by using the TEMPORARY keyword. The company-name and application-name must match those in the database authentication statement. The application-signature is the signature that you obtained from Sybase.

The database server verifies the application signature against the database signature. If the signature is verified, the connection is authenticated and has no restrictions on its activities beyond those imposed by the SQL permissions. If the signature is not verified, the connection is limited to those actions permitted by unauthenticated applications.