bigdata-danGuest
Dear qgods,
I know that .z.pw is the password event handler in kdb+.
How do I password protect access to kdb+? Do I use .z.pw or hopen?
Danke.
Hi Dan,
hopen is a function that allows opening a handle to a remote process e.g.
hopen `:localhost:5000:dan:dansPASSWORD
Would attempt to open a handle to a q process on the current machine on port 5000 with the username and password dan and dansPASSWORD respectively.
.z.pw is an event handler that is called when a user connects to kdb+. Two arguments are passed into it, the username and the password supplied at connection. These may be empty blank strings if no such arguments were passed. If .z.pw returns 1b access is permitted, else if it returns 0b access is denied. You can override the handler to handle user/password authentication however you wish.
Lastly kdb+ provides a command line option for supplying a file with usernames and passwords when kdb+ starts.
-u passwordFile
-U passwordFile
restricts access to the kdb+ process to those user:password pairs in the file. The lowercase u also prevents access above the directory in which the process was started.
.
