DataDirect has released version 3.3 of their database Connect product. Connect for JDBC consists of a set of Type 4 JDBC drivers for Oracle, SQL Server, Informix, Sybase, and DB2. It supports the latest DB features, and is fully JDBC 3.0 compliant.

DataDirect plans to offer single-signon (like they have added for SQL Server via Windows Auth) for all databases in the future.

The new release showcases:

SQL Server

- Supports Windows Authentication for establishing connections to Microsoft SQL Server, while still remaining a pure Type 4 JDBC driver
- Improved updateable resultset functionality

DB2

-Improved performance for batch inserts and updates for DB2 UDB v8.1
- Full transaction isolation level support
- Auto-creation of required packages

Oracle
- Improved NClob support

Informix
- Support for Informix 9.4

General
- Support for retrieval of auto generated keys (a JDBC 3.0 optional feature)
- Certified with Sun Microsystem's generic resource adapter (JDBC Connector).

Links:

JDBC 3.3 Release Highlights

Patent Pending on Type 4 JDBC Drivers Providing Single Sign-on

Through an innovation claimed to be impossible by many in the industry, DataDirect Technologies has implemented Windows authentication within their Type 4 JDBC components used for connecting Java applications to Microsoft SQL Server data. DataDirect Technologies has a patent pending on this new technology... No other vendor has this feature in Type 4 drivers, and some have even claimed that it can’t be done."

DataDirect has proven that it can be done. Maybe next, they should explain why we would want to.

How many of us want our appserver to reauthenticate each database connection before executing every query? I thought the whole reason we created connection pools in the first place was that we wanted to avoid the overhead of re-acquiring external resources in order to execute each and every database statement.

I suppose you could supply a Windows user ID to start up and own all of the connections in the pool, but that's not much of a single sign-on solution, is it?

I think most of us have decided that it makes for better architecture when we handle security at the application level, rather than at the database connection level. And I can integrate application-level security with Windows authentication without a patent-pending solution that they said would be impossible.

>>Maybe next, they should explain why we
>>would want to.

LOL! Good one.

I don't that's the point of Windows authentication, though it's the angle that's being taken by the press release. I'd agree that authentication is best left to the app.

To me it would seem that they are resolving a network security issue. If I can turn off mixed mode authentication on my SQLServer DB, and only allow users and computers in the AD, I have less to worry about.

I would imagine that this would be useful in standalone applications, where the administrator doesn't want to make a new db user account for every install.

We all have done it in the opast in one way or other. Verify the user credentials one time and apply it all over. There is nothing much to it. I have dont it in the past atleast 5 places. Its just that theese guys have put a patent on it. I hope I can still use my old apps as it is without giving these guys some royalty.
Lets get over this hype people ... lets make some sensible stuff .. no marketing stuff in programming

Windows authentication increases security by allowing you to define a database connection without specifing any user name or password in the application configuration files.

DB2 UDB uses the same OSLevel authentication for its
connections, every db2 uses has to be a os(Unix,Windows) user
within the server. This also applies to OS/400,OS/390(Mainframe)
connections using DB2/Connect.

If data direct can implement TYPE-4 authentication to DB2
that would be nice.