Newsletters   Subscriptions  Forums  Store   Career  Media Kit  About Us  Contact  Search   Home 
fhg
Volume 5, Number 25 -- June 22, 2005

Turning Off ODBC Journaling Is Not a Good Idea


Hey, Joe:


After reading your column on "Curing the ODBC Blues," I came to the same conclusion that you did regarding how to avoid the SQL7008 error: You need to journal your OS/400 files to avoid ODBC update errors. But then someone showed me the ODBC advanced server option in the iSeries Access ODBC driver, where you can set your ODBC drivers' Commit mode to eliminate the need for journaling files updated by ODBC. This seems like a better solution.

--Brock


Here's my take on the situation.

By default, IBM sets iSeries Access for Windows ODBC drivers up with a Commit mode parameter equal to Read uncommitted (*CHG), which requires you to journal all of your target ODBC files. This means that all changed, added, or deleted rows referred to in an ODBC statement are locked until the end of the transaction, and then these transactions are either applied to or rolled back from the journaled OS/400 database as a group. You can change this setting by clicking on the Server tab of your ODBC driver and then selecting the Advanced button on the Server setup screen. On the Advanced Server options screen, if you change the Commit mode parameter to Commit immediate (*NONE), this removes the requirement that any OS/400 files updated through this ODBC driver must be journaled.

While it's true that journaling is not an absolute requirement for ODBC-enabled updates, journaling does enable two critical objectives when you use ODBC to update OS/400 data from a desktop program.

It insures that all ODBC statements are successfully completed via commitment control, maintaining data integrity by making sure all database changes are applied as intended. With commitment control, database changes are grouped together and processed as a single unit of work. If the statement completes successfully, all the changes are applied as a group, insuring that your database is accurately updated from a remote system (or at least as accurate as the SQL statement that produced them). If the statement doesn't successfully complete, the changes are rolled back as a group rather than being partially applied. Journaling is a requirement for commitment control and if journaling is turned off when a remote SQL operation fail, this could corrupt your database by partially applying individual changes that were meant to be applied as a group. So journaling and commitment control are critical for data integrity via ODBC.

To provide an audit trail for any changes that are made through ODBC. One of the nightmares of ODBC is the lack of auditability when someone changes data. As opposed to pre-written application programs, ODBC users have very few limits when updating data. With an ODBC connection and the proper authority, any users can change any fields they are authorized to in any fashion. If someone wants to (or accidentally) changes all your shipping dates to June 11, 2999, he or she can write and execute an ODBC program that does just that. So if you remove the journaling requirement for ODBC-enabled changes, you not only open your database to possible corruption if the connection goes down, you also remove an audit tool that can be used to isolate just when and where the data corruption occurred.


In my opinion, turning off the journaling requirement for ODBC is like watching a bad movie where a mad scientist performs a diabolical experiment that ends in disaster. Just because you can do something doesn't necessarily mean that you should do it. Yes, journaling ODBC changes is a hassle, a headache, and more work than an overworked administrator needs. But if you don't enable journaling for your ODBC connections, you lose two really valuable tools for insuring data integrity and providing an audit trail to determine who corrupted a database and what you should do about it.

Just my .02 and something to think about.

--Joe


RELATED STORY

Curing the ODBC Blues

Sponsored By
PATRICK TOWNSEND & ASSOCIATES

Deploy. Run. Manage. Succeed.

Alliance AES/400
Database Field Encryption

· Encrypt credit card, social security, pin numbers and other sensitive data.
· Easy to use with RPG or COBOL - sample code included.
· Get compliant - SOX, Privacy notification, GLBA, Etc.
· Free 30-day trial. Fully functional software - Not a demo.

DB2 field encryption with Alliance AES: Encrypt and decrypt individual fields in AS/400 DB2 database files. Alliance APIs can be used in RPG and Cobol applications including older OPM applications. Alliance AES encryption for DB2 fields integrates with Alliance key management for the secure storage of AES keys.

DB2 file encryption with Alliance AES: Encrypt any DB2 database file with Alliance AES/400. You can specify that the data be converted to ASCII or retained in the original EBCDIC character set. You can also specify that the pass phrase should be converted to ASCII for decryption on an ASCII system such as Microsoft Windows. Alliance DB2 file encryption integrates with Alliance AES key management.

IFS file encryption with Alliance AES: You can encrypt and decrypt IFS (Integrated File System) files with Alliance AES encryption commands. Once encrypted files can be decrypted on an AS/400 or Windows PC or Server platform. You can also use the free Alliance Windows AES encryption application to encrypt files on a Windows platform for decryption on the AS/400. IFS file encryption integrates with Alliance AES key management for secure key storage.

AES self-decrypting archives: Alliance AES/400 can encrypt files into a self-decrypting archive. A self-decrypting archive is a Windows executable program. You can run the self-decrypting archive, enter a pass phrase, and decrypt and extract the file. If run from a command line you can pass the program parameters for the decryption. This is helpful if you are automating the decryption process. If you run the self-decrypting archive program without parameters it presents a Windows GUI dialog for pass phrase and other decryption information.

Report distribution with AES encryption: When Alliance AES encryption is used with the Alliance FTP Manager application you can automatically distribute reports in encrypted or self-decrypting archive format. Reports can be sent from one or more output queues, and reports can be selectively routed from the output queue.

AES key management: Alliance AES/400 provides a complete key management facility to help you securely store keys and pass phrases. All application program interfaces and commands allow the use of a named AES key. The Alliance AES key manager automatically backs up the key store when keys are added or changed.

Windows encryption application: Alliance AES encryption includes a Windows application that you can freely distribute to provide encryption and decryption services. Files encrypted on a Windows platform with the Alliance application can be decrypted on the AS/400. Files encrypted on the AS/400 can be decrypted on the Windows platform.

Sample code: The Alliance AES/400 product includes sample RPG and ILE-RPG source code that demonstrate how to use the encryption APIs. There are also sample CL programs that show how to use the Alliance commands to encrypt and decrypt files, and create self-decrypting archives.

More information:
Patrick Townsend & Associates, Inc.
7700 Earling Street NE
Olympia, WA 98506
Voice: (360) 357-8971
Fax: (360) 357-9047
Email: Info@patownsend.com
Web: www.patownsend.com

Click here for 30 day trial
Technical Editors: Howard Arner, Joe Hertvik, Ted Holt,
Shannon O'Donnell, Kevin Vandever
Contributing Technical Editors: Joel Cochran, Wayne O. Evans, Raymond Everhart,
Bruce Guetzkow, Marc Logemann, David Morris
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

THIS ISSUE
SPONSORED BY:

Advanced Systems Concepts
WorksRight Software
Patrick Townsend & Associates


Four Hundred Guru

BACK ISSUES

TABLE OF
CONTENTS
Execute SQL Statements on DB2 UDB for Windows from the iSeries

Case-Insensitive Sorting and Record Selection with Query/400

Turning Off ODBC Journaling Is Not a Good Idea


The Four Hundred
The OS/400 Ecosystem,
Part 2

IBM's iSeries Rejuvenation Efforts Begin to Bear Fruit

ERP Market Grew Solidly in 2004, AMR Research Says

Mad Dog 21/21: If It Walks Like Sudoku . . .

Four Hundred Stuff
Oracle Gives J.D. Edwards World Shops Something to Cheer About

Stonesoft Clamps Down on Evolving Security Threats with Firewall

Linoma's Transfer Anywhere Tool Does Greenscreen, Too

LaserVault Boosts Compliance Efforts with New Audit Log

Four Hundred Monitor


Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc. (formerly Midrange Server), 50 Park Terrace East, Suite 8F, New York, NY 10034
Privacy Statement