Authentication protects the identity of the user so that user credentials cannot be intercepted by malicious hackers when transmitted over the network. See Authentication for an overview.
The DB2 driver supports the following methods of authentication:
User ID/password authentication authenticates the user to the database using a user ID and password. Depending on the method you specify, the driver passes one of the following sets of credentials to the DB2 database server for authentication:
◦ Encrypted user ID and password
◦ User ID in clear text and an encrypted password
◦ Both user ID and password in clear text
Kerberos authentication uses Kerberos, a trusted third-party authentication service, to verify user identities. Kerberos authentication can take advantage of the user ID and password maintained by the operating system to authenticate users to the database or use another set of user credentials specified by the application.
This method requires knowledge of how to configure your Kerberos environment and supports Windows Active Directory Kerberos and MIT Kerberos.
Client authentication uses the user ID of the user logged onto the system on which the driver is running to authenticate the user to the database. The DB2 database server relies on the client to authenticate the user and does not provide additional authentication.
Note: Because the database server does not authenticate the user, use this method of authentication if you can guarantee that only trusted clients can access the database server.