vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dws/umn/dws_01_0133.html
Lu, Huayi 95132e24fc DWS UMN 830.201_new version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Reviewed-by: Rechenburg, Matthias <matthias.rechenburg@t-systems.com>
Co-authored-by: Lu, Huayi <luhuayi@huawei.com>
Co-committed-by: Lu, Huayi <luhuayi@huawei.com>
2024-05-27 11:54:34 +00:00

118 lines
29 KiB
HTML
Raw Blame History

<a name="EN-US_TOPIC_0000001707293773"></a><a name="EN-US_TOPIC_0000001707293773"></a>
<h1 class="topictitle1">Configuring JDBC to Connect to a Cluster (IAM Authentication Mode)</h1>
<div id="body8662426"><div class="section" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section27045914118"><h4 class="sectiontitle">Overview</h4><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p6861915424">GaussDB(DWS) allows you to access databases using IAM authentication. When you use the JDBC application program to connect to a cluster, set the IAM username, credential, and other information as you configure the JDBC URL. After doing this, when you try to access a database, the system will automatically generate a temporary credential and a connection will be set up.</p>
<div class="note" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_note1736195815497"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ul168105189566"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li5810111819564">Currently, only clusters 1.3.1 and later versions and their corresponding JDBC drivers can access the databases in IAM authentication mode. Download the JDBC driver. For details, see <a href="dws_01_0032.html">Downloading the JDBC or ODBC Driver</a>.</li></ul>
</div></div>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p35170011614">IAM supports two types of user credential: password and Access Key ID/Secret Access Key (AK/SK). JDBC connection requires the latter.</p>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p1198010103465">The IAM account you use to access a database must be granted with the <strong id="EN-US_TOPIC_0000001707293773__b55381155171212">DWS Database Access</strong> permission. Only users with both the <strong id="EN-US_TOPIC_0000001707293773__b653815511214">DWS Administrator</strong> and <strong id="EN-US_TOPIC_0000001707293773__b55383556124">DWS Database Access</strong> permissions can connect to GaussDB(DWS) databases using the temporary database user credentials generated based on IAM users.</p>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p13788243154613">The <strong id="EN-US_TOPIC_0000001707293773__b2448393021050">DWS Database Access</strong> permission can only be granted to user groups. Ensure that your IAM account is in a user group with this permission.</p>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p7700816184016">On IAM, only users in the <strong id="EN-US_TOPIC_0000001707293773__b12487509401050">admin</strong> group have the permissions to manage users. This requires that your IAM account be in the <strong id="EN-US_TOPIC_0000001707293773__b4317584121">admin</strong> user group. Otherwise, contact the IAM account administrator to grant your IAM account this permission.</p>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p659916422120">The process of accessing a database is as follows:</p>
<ol id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ol3462145214219"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li85151550482"><a href="#EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section1560842714">Granting an IAM Account the GaussDB(DWS) Database Access Permission</a></li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li397214417915"><a href="#EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section5410134511612">Creating an IAM User Credential</a></li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li105181930195318"><a href="#EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section289114226329">Configuring the JDBC Connection to Connect to a Cluster Using IAM Authentication</a></li></ol>
</div>
<div class="section" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section1560842714"><a name="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section1560842714"></a><a name="en-us_topic_0000001372839382_section1560842714"></a><h4 class="sectiontitle">Granting an IAM Account the GaussDB(DWS) Database Access Permission</h4><ol id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ol49644474814"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li896410416486"><span>Log in to the <span id="EN-US_TOPIC_0000001707293773__text166071525513">cloud</span> management console. In the service list, choose <strong id="EN-US_TOPIC_0000001707293773__b1967762620344">Management &amp; Governance</strong> &gt; <strong id="EN-US_TOPIC_0000001707293773__b564418300341">Identity and Access Management</strong> to enter the IAM management console.</span></li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1659563112716"><span>Modify the user group to which your IAM user belongs. Set a policy for, grant the <strong id="EN-US_TOPIC_0000001707293773__b12652702661050">DWS Database Access</strong> permission to, and add your IAM user to it.</span><p><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p3425164712910">Only users in the <strong id="EN-US_TOPIC_0000001707293773__b2839147471050">admin</strong> user group of IAM can perform this step. In IAM, only users in the <strong id="EN-US_TOPIC_0000001707293773__b12518842371050">admin</strong> user group can manage users, including creating user groups and users and setting user group rights.</p>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p024213711302">For details, see "User and User Group Management &gt; Viewing or Modifying User Group Information" in the <em id="EN-US_TOPIC_0000001707293773__i2451710211050">Identity and Access Management User Guide</em>.</p>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p16402111693620">You can also create an IAM user group, and set a policy for, grant the <strong id="EN-US_TOPIC_0000001707293773__b5676985631050">DWS Administrator</strong> and <strong id="EN-US_TOPIC_0000001707293773__b11422166811050">DWS Database Access</strong> permissions to, and add your IAM user to it. For details, see "User and User Group Management &gt; Creating a User Group" in the <em id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_i8333707001050">Identity and Access Management User Guide</em>.</p>
</p></li></ol>
</div>
<div class="section" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section5410134511612"><a name="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section5410134511612"></a><a name="en-us_topic_0000001372839382_section5410134511612"></a><h4 class="sectiontitle">Creating an IAM User Credential</h4><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p1438810450166">You can log in to the management console to create an AK/SK pair or use an existing one.</p>
<ol id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ol312012316272"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1310155018297"><span>Log in to the management console.</span></li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li18461519504"><span>Move the cursor to the username in the upper right corner and choose <strong id="EN-US_TOPIC_0000001707293773__b11809077621050">My Credentials</strong>.</span></li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1812033116279"><span>Choose <strong id="EN-US_TOPIC_0000001707293773__b486410514442">Access Keys</strong> to view the existing access keys. You can also click <strong id="EN-US_TOPIC_0000001707293773__b318562014442">Create Access Key</strong> to create a new one.</span><p><div class="p" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p208733211502">The AK/SK pair is so important that you can download the private key file containing the AK/SK information only when you create the pair. On the management console, you can only view the AKs. If you have not downloaded the file, obtain it from your administrator or create an AK/SK pair again.<div class="note" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_note15389154516165"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p1138954591614">Each user can create a maximum of two AK/SK pairs, which are valid permanently. To ensure account security, change your AK/SK pairs periodically and keep them safe.</p>
</div></div>
</div>
</p></li></ol>
</div>
<div class="section" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section289114226329"><a name="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_section289114226329"></a><a name="en-us_topic_0000001372839382_section289114226329"></a><h4 class="sectiontitle">Configuring the JDBC Connection to Connect to a Cluster Using IAM Authentication</h4><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p58811622183211"><strong id="EN-US_TOPIC_0000001707293773__b275412390442">Configuring JDBC Connection Parameters</strong></p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_table9888102218320" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Database connection parameters</caption><thead align="left"><tr id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_row14882142213212"><th align="left" class="cellrowborder" valign="top" width="13%" id="mcps1.3.4.3.2.3.1.1"><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p588132273212">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="87%" id="mcps1.3.4.3.2.3.1.2"><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p9881152213326">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_row888682211328"><td class="cellrowborder" valign="top" width="13%" headers="mcps1.3.4.3.2.3.1.1 "><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p0882132214322">url</p>
</td>
<td class="cellrowborder" valign="top" width="87%" headers="mcps1.3.4.3.2.3.1.2 "><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p488217221326">gsjdbc4.jar/gsjdbc200.jar database connection descriptor. The JDBC API does not provide the connection retry capability. You need to implement the retry processing in the service code. The URL example is as follows:</p>
<pre class="screen" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_screen1288314225322">jdbc:dws:iam://dws-IAM-demo:eu-de/<span id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_text18822220325">gaussdb</span>?<strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b2882522113215">AccessKeyID</strong>=XXXXXXXXXXXXXXXXXXXX&amp;<strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b2882162223211">SecretAccessKey</strong>=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&amp;<strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b18882112283220">DbUser</strong>=user_test&amp;<strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b16882322163219">AutoCreate</strong>=true</pre>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p1788312213328"><strong id="EN-US_TOPIC_0000001707293773__b988310228326">JDBC URL parameters</strong>:</p>
<ul id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ul188602215329"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li6883102293216"><strong id="EN-US_TOPIC_0000001707293773__b13034190301050">jdbc:dws:iam</strong> is a prefix in the URL format.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li788352220324"><strong id="EN-US_TOPIC_0000001707293773__b6476008351050">dws-IAM-demo</strong> indicates the name of the cluster containing the database.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li14884162223220"><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b12662165919363"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b10662125919364">eu-de</strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b14662459203615"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b76631559133619"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b1966345913613"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b1066385963611"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b566455918367"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b666411591361"></strong><strong id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_b56642059153612"></strong> indicates the region where the cluster resides. JDBC accesses the GaussDB(DWS) cluster in the corresponding region and delivers the IAM certificate to the cluster for IAM user authentication. The GaussDB(DWS) service address has been recorded in the JDBC configuration file.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li16885122216327"><strong id="EN-US_TOPIC_0000001707293773__b319964023415"><span id="EN-US_TOPIC_0000001707293773__text17884102293217">gaussdb</span></strong> indicates the name of the database to which you want to connect.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li13885102219328"><strong id="EN-US_TOPIC_0000001707293773__b2395725501050">AccessKeyID</strong> and <strong id="EN-US_TOPIC_0000001707293773__b10919704841050">SecretAccessKey</strong> are the access key ID and secret access key corresponding to the IAM user specified by <strong id="EN-US_TOPIC_0000001707293773__b1555882741050">DbUser</strong>.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1788511222325">Set <strong id="EN-US_TOPIC_0000001707293773__b16206576971050">DbUser</strong> to the IAM username. Note that the current version does not support hyphens (-) in the IAM username.<ul id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ul9885182217324"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li088510223327">If the user specified by <strong id="EN-US_TOPIC_0000001707293773__b7019635861050">DbUser</strong> exists in the database, the temporary user credential has the same permissions as the existing user.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li4885722193211">If the user specified by <strong id="EN-US_TOPIC_0000001707293773__b11823008321050">DbUser</strong> does not exist in the database and the value of <strong id="EN-US_TOPIC_0000001707293773__b3886366801050">AutoCreate</strong> is <strong id="EN-US_TOPIC_0000001707293773__b18057832181050">true</strong>, a new user named by the value of <strong id="EN-US_TOPIC_0000001707293773__b18740911711050">DbUser</strong> is automatically created. The created user is a common database user by default.</li></ul>
</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li188852224321">Parameter <strong id="EN-US_TOPIC_0000001707293773__b2468239241050">AutoCreate</strong> is optional. The default value is <strong id="EN-US_TOPIC_0000001707293773__b4037470451050">false</strong>. This parameter indicates whether to automatically create a database user named by the value of <strong id="EN-US_TOPIC_0000001707293773__b19095226541050">DbUser</strong> in the database.<ul id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ul1388520223323"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li16885122233212">The value <strong id="EN-US_TOPIC_0000001707293773__b17474617481050">true</strong> indicates that a user is automatically created. If the user already exists, the user will not be created again.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li8885112220327">The value <strong id="EN-US_TOPIC_0000001707293773__b121088261050">false</strong> indicates that a user is not created. If the username specified by <strong id="EN-US_TOPIC_0000001707293773__b11731917941050">DbUser</strong> does not exist in the database, an error is returned.</li></ul>
</li></ul>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_row1988811222323"><td class="cellrowborder" valign="top" width="13%" headers="mcps1.3.4.3.2.3.1.1 "><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p138861722103213">info</p>
</td>
<td class="cellrowborder" valign="top" width="87%" headers="mcps1.3.4.3.2.3.1.2 "><p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p98861622193217">Database connection properties. Common properties include the following:</p>
<ul id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_ul1588812225326"><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li688632212328"><strong id="EN-US_TOPIC_0000001707293773__b18082865521050">ssl</strong>: a boolean type. It indicates whether the SSL connection is used.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1288632233216"><strong id="EN-US_TOPIC_0000001707293773__b16565930761050">loglevel</strong>: an integer type. It sets the log amount recorded in DriverManager for LogStream or LogWriter.<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p388616229321">Currently, <span class="parmname" id="EN-US_TOPIC_0000001707293773__parmname13949764141050"><b>org.postgresql.Driver.DEBUG</b></span> and <span class="parmname" id="EN-US_TOPIC_0000001707293773__parmname4152314531050"><b>org.postgresql.Driver.INFO</b></span> logs are supported. If the value is <strong id="EN-US_TOPIC_0000001707293773__b1256419441050">1</strong>, only <strong id="EN-US_TOPIC_0000001707293773__b13152945731050">org.postgresql.Driver.INFO</strong> (little information) is recorded. If the value is greater than or equal to <strong id="EN-US_TOPIC_0000001707293773__b76552731050">2</strong>, <strong id="EN-US_TOPIC_0000001707293773__b5159777211050">org.postgresql.Driver.DEBUG</strong> and <strong id="EN-US_TOPIC_0000001707293773__b2365015551050">org.postgresql.Driver.INFO</strong> logs are printed, and detailed log information is generated. Its default value is <strong id="EN-US_TOPIC_0000001707293773__b12568580501050">0</strong>, which indicates that no logs are printed.</p>
</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1788613228324"><strong id="EN-US_TOPIC_0000001707293773__b4340301601050">charSet</strong>: a string type. It indicates character sets used when data is sent from the database or the database receives data.</li><li id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_li1688810228324"><strong id="EN-US_TOPIC_0000001707293773__b9348019581050">prepareThreshold</strong>: an integer type. It is used to determine the execution times of PreparedStatement before the information is converted into prepared statements on the server. The default value is <span class="parmvalue" id="EN-US_TOPIC_0000001707293773__parmvalue16445810521050"><b>5</b></span>.</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
<p id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_p1788812210326"><strong id="EN-US_TOPIC_0000001707293773__b781733625111">Example</strong></p>
<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001707293773__en-us_topic_0000001372839382_screen1793120154815"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span></pre></div></td><td class="code"><div><pre><span></span><span class="o">//</span><span class="n">The</span><span class="w"> </span><span class="n">following</span><span class="w"> </span><span class="n">uses</span><span class="w"> </span><span class="n">gsjdbc4</span><span class="p">.</span><span class="n">jar</span><span class="w"> </span><span class="k">as</span><span class="w"> </span><span class="n">an</span><span class="w"> </span><span class="n">example</span><span class="p">.</span>
<span class="o">//</span><span class="w"> </span><span class="n">The</span><span class="w"> </span><span class="n">following</span><span class="w"> </span><span class="n">code</span><span class="w"> </span><span class="n">encapsulates</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">database</span><span class="w"> </span><span class="k">connection</span><span class="w"> </span><span class="n">obtaining</span><span class="w"> </span><span class="n">operations</span><span class="w"> </span><span class="k">into</span><span class="w"> </span><span class="n">an</span><span class="w"> </span><span class="n">API</span><span class="p">.</span><span class="w"> </span><span class="n">You</span><span class="w"> </span><span class="n">can</span><span class="w"> </span><span class="k">connect</span><span class="w"> </span><span class="k">to</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">database</span><span class="w"> </span><span class="k">by</span><span class="w"> </span><span class="n">specifying</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">region</span><span class="w"> </span><span class="k">where</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">cluster</span><span class="w"> </span><span class="k">is</span><span class="w"> </span><span class="n">located</span><span class="p">,</span><span class="w"> </span><span class="k">cluster</span><span class="w"> </span><span class="n">name</span><span class="p">,</span><span class="w"> </span><span class="k">access</span><span class="w"> </span><span class="k">key</span><span class="w"> </span><span class="n">ID</span><span class="p">,</span><span class="w"> </span><span class="n">secret</span><span class="w"> </span><span class="k">access</span><span class="w"> </span><span class="k">key</span><span class="p">,</span><span class="w"> </span><span class="k">and</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">corresponding</span><span class="w"> </span><span class="n">IAM</span><span class="w"> </span><span class="n">username</span><span class="p">.</span>
<span class="k">public</span><span class="w"> </span><span class="k">static</span><span class="w"> </span><span class="k">Connection</span><span class="w"> </span><span class="n">GetConnection</span><span class="p">(</span><span class="n">String</span><span class="w"> </span><span class="n">clustername</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">regionname</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">AK</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">SK</span><span class="p">,</span>
<span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">username</span><span class="p">)</span><span class="w"> </span><span class="err">{</span>
<span class="w"> </span><span class="o">//</span><span class="w"> </span><span class="n">Driver</span><span class="w"> </span><span class="k">class</span><span class="p">.</span>
<span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">driver</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ss">&quot;org.postgresql.Driver&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="o">//</span><span class="w"> </span><span class="k">Database</span><span class="w"> </span><span class="k">connection</span><span class="w"> </span><span class="k">descriptor</span><span class="p">.</span>
<span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">sourceURL</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="ss">&quot;jdbc:dws:iam://&quot;</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">clustername</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ss">&quot;:&quot;</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">regionname</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ss">&quot;/postgresgaussdb?&quot;</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ss">&quot;AccessKeyID=&quot;</span>
<span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">AK</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ss">&quot;&amp;SecretAccessKey=&quot;</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">SK</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ss">&quot;&amp;DbUser=&quot;</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">username</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="ss">&quot;&amp;autoCreate=true&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="k">Connection</span><span class="w"> </span><span class="n">conn</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">null</span><span class="p">;</span>
<span class="w"> </span><span class="n">try</span><span class="w"> </span><span class="err">{</span>
<span class="w"> </span><span class="o">//</span><span class="w"> </span><span class="k">Load</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">driver</span><span class="p">.</span>
<span class="w"> </span><span class="k">Class</span><span class="p">.</span><span class="n">forName</span><span class="p">(</span><span class="n">driver</span><span class="p">);</span>
<span class="w"> </span><span class="err">}</span><span class="w"> </span><span class="n">catch</span><span class="w"> </span><span class="p">(</span><span class="n">ClassNotFoundException</span><span class="w"> </span><span class="n">e</span><span class="p">)</span><span class="w"> </span><span class="err">{</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="k">null</span><span class="p">;</span>
<span class="w"> </span><span class="err">}</span>
<span class="w"> </span><span class="n">try</span><span class="w"> </span><span class="err">{</span>
<span class="w"> </span><span class="o">//</span><span class="w"> </span><span class="k">Create</span><span class="w"> </span><span class="n">a</span><span class="w"> </span><span class="k">connection</span><span class="p">.</span>
<span class="w"> </span><span class="n">conn</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">DriverManager</span><span class="p">.</span><span class="n">getConnection</span><span class="p">(</span><span class="n">sourceURL</span><span class="p">);</span>
<span class="w"> </span><span class="k">System</span><span class="p">.</span><span class="k">out</span><span class="p">.</span><span class="n">println</span><span class="p">(</span><span class="ss">&quot;Connection succeed!&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="err">}</span><span class="w"> </span><span class="n">catch</span><span class="w"> </span><span class="p">(</span><span class="k">SQLException</span><span class="w"> </span><span class="n">e</span><span class="p">)</span><span class="w"> </span><span class="err">{</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="k">null</span><span class="p">;</span>
<span class="w"> </span><span class="err">}</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">conn</span><span class="p">;</span>
<span class="err">}</span>
</pre></div></td></tr></table></div>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_01_0081.html">Using the JDBC and ODBC Drivers to Connect to a Cluster</a></div>
</div>
</div>
View Git Blame Copy Permalink