Class DB2DatasourceConnection

Namespace

YndigoBlue.Velocity.Data.DB2

Assembly

YndigoBlue.Velocity.dll

Connection configuration for IBM DB2 databases.

public class DB2DatasourceConnection : DatasourceConnection, IDatasourceConnection

Inheritance

object

DatasourceConnection

DB2DatasourceConnection

Implements

IDatasourceConnection

Remarks

Warning

DB2 database support is not available in the Community Edition of Velocity. It requires the Full Edition.

Supports DB2 for LUW (Linux, Unix, Windows).

Default port: 50000

Includes support for spatial data management with configurable update frequencies.

SSL behaviour:

Disable connects without encryption. Prefer and Require are not supported and will throw a NotSupportedException at connection time.

Unlike other database drivers, IBM DB2's GSKit layer always validates the server certificate during the TLS handshake — there is no "encrypt without verification" mode. The two supported SSL modes are:

• VerifyCA — encrypted channel, CA signature verified, hostname not checked. Sets SSLClientHostnameValidation=Off explicitly to prevent silent promotion to VerifyFull behaviour on Net.IBM.Data.Db2 v9.0.0.300+ (driver 12.1.2.0+), which defaults hostname validation to Basic.
• VerifyFull — encrypted channel, CA signature verified, and the server's hostname or IP must match the certificate's Subject Alternative Name (SAN) or Common Name (CN). Sets SSLClientHostnameValidation=Basic.

SslCaPath is mapped to the SSLServerCertificate connection string parameter, allowing the CA certificate PEM file to be specified directly without requiring a GSKit keystore. Alternatively, trust material can be provided via the Windows Certificate Store or a GSKit keystore (.kdb) passed through SetAdvancedSettings (SSLClientKeystoreDB and SSLClientKeystash).

SslCertificatePath and SslKeyPath are not used — Net.IBM.Data.Db2 does not support client certificate authentication via connection string parameters.

Integrated security / Kerberos:

Set UseIntegratedSecurity to true to use OS-level authentication instead of a username and password. The AuthenticationMethod property controls which DB2 Authentication= keyword is emitted:

• Client — Authentication=CLIENT. The DB2 server trusts the client OS to have authenticated the user; the OS username is forwarded with no password. Requires the DB2 server to be configured with AUTHENTICATION CLIENT.
• Kerberos (default) — Authentication=KERBEROS. Requires a valid Kerberos TGT on the client.
• KerberosServerEncrypt — Authentication=KRB_SERVER_ENCRYPT. Kerberos with additional DB2-level encryption.
• GssPlugin — Authentication=GSSPLUGIN. DB2 GSS authentication plugin (covers LDAP-backed auth and other GSS mechanisms).
• GssServerEncrypt — Authentication=GSS_SERVER_ENCRYPT. GSS plugin with additional DB2-level encryption.

All integrated-security mechanisms require external configuration — the DB2 server, KDC, and/or LDAP directory must be set up before connecting. Velocity only sets the connection string keyword.

Examples

// Connect to DB2 with standard configuration
var conn = new DB2DatasourceConnection
{
    Hostname = "localhost",
    Port = 50000,
    Database = "SAMPLE",
    Username = "db2admin",
    Password = "mypassword"
};

using (var m = new Manager(conn))
{
    var schema = m.LoadSchema("DB2ADMIN");
    // Perform database operations
}

Properties

AuthenticationMethod

Gets or sets the DB2 authentication mechanism used when UseIntegratedSecurity is true.

DatasourceType

Gets the datasource type for DB2.

SslMode

Overrides the default Prefer to Disable for DB2, since Prefer is not supported by the IBM GSKit layer and would throw a NotSupportedException at connection time.

UpdateFrequency

Gets or sets the update frequency schedule for full-text indexes on DB2 databases.

UpdateMinimum

Gets or sets the minimum number of changes required to trigger a full-text index update. Default is 5.