Description
When you access an SAP Adaptive Server Enterprise database in PowerBuilder through Open Client, Sec_Replay_Detection is one of several parameters that support per-packet security for network-based security services. (For other per-packet security parameters, see the See Also section.)
Sec_Replay_Detection controls whether your connection's security mechanism can detect and reject unauthorized attempts to capture and replay transmitted data. When Sec_Replay_Detection is set to 1, the security mechanism detects and subsequently rejects any unauthorized attempts by third parties to capture packets sent to the server and repeat (replay) the commands in the packets at a later time.
When Sec_Replay_Detection is set to 0 (the default), the security mechanism cannot detect unauthorized attempts to capture and replay data.
You must specify a value for Sec_Replay_Detection before connecting to the database in PowerBuilder.
Using third-party security mechanisms
For information about the third-party security mechanisms and operating system platforms that has been tested with Open Client security services, see the Open Client documentation.
Applies to
ASE, SYC SAP Adaptive Server Enterprise
Syntax
Sec_Replay_Detection=value
|
Parameter |
Description |
|---|---|
|
value |
Specifies whether your connection's security mechanism can detect and reject unauthorized attempts to capture and replay transmitted data. Values are:
|
Default value
Sec_Replay_Detection=0
Usage
When to use
In a nonsecure network, unauthorized third parties might capture the commands sent to a server in order to repeat (replay) these commands at a later date. For example, if packets are sent from the client to the server in the order P1, P2, P3 and the server receives the packets in the order P1, P3, P2, this is considered an attempt to replay the data. Setting Sec_Replay_Detection to 1 ensures that your security mechanism can detect and subsequently reject all such unauthorized attempts to capture and replay data transmitted over the network.
Set Release parameter
For this parameter to take effect, you must also set the Release parameter to 11 or higher to specify that your application should use the appropriate version of SAP Sybase Open Client Client-Library (CT-Lib) behavior. See the description of the Release parameter for more information.
Requirements for use
To use Sec_Replay_Detection or any other parameter supporting Open Client security services, you must meet certain requirements for using security services in your PowerBuilder application. For details, see the section called “Requirements for using Open Client security services” in Connecting to Your Database.
Corresponding CT-Lib connection property
Specifying a value for Sec_Replay_Detection sets the corresponding SAP Sybase CT-Lib connection property named CS_SEC_DETECTREPLAY.
Examples
To allow your security mechanism to detect and reject unauthorized attempts to capture and replay transmitted data:
-
Database profile
Select the Detect Replayed Commands check box on the Security page in the Database Profile Setup dialog box.
-
Application
Type the following in code:
SQLCA.DBParm="Sec_Replay_Detection=1;Release=12.5"
See also
