RKTools installation
Overview
RKTools (Rocket Tools for Model 204) is a set of application subsystems (aka APSYs) running inside a Model 204 Online that provide TN3270 and web-based tools for programmers, database administrators, and system managers.
As of RKTools V7.7, all Rocket-provided, SOUL-based tools are consolidated in the M204PROC
procedure file. M204PROC
includes all components from RKTools 7.5 in addition to Dictionary/204 and the SQL Server utilities. This means that all Model 204 SOUL tools provided by Rocket are in a single file.
Tip: The RKTools 7.7 installation process modifies the application subsystem definitions to point to the M204PROC
file. If you might want to switch back to the previous version of RKTools, you should keep a backup of your current SIRIUS
file and your current CCASYS
file (though you can also change the subsystem definitions manually using SUBSYSMGMT).
Installing RKTools requires downloading the M204PROC
file from the Model 204 maintenance website, restoring it to your environment, setting up some subsidiary Model 204 files, and verifying that the environment has the appropriate parameter settings.
Once the installation is complete, upgrades to RKTools can almost always be handled by restoring a fresh copy of the M204PROC
file.
Dictionary/204
Because all Rocket Model 204 procedures are in one file in V7.7, including those for Dictionary/204, review the Dictionary/204 installation guide to see what steps, if any, related to the Dictionary/204 tools (SUBSYSMGMT, FILEMGMT, and so on) might need to be run in addition to the RKTools installation.
Download the installation file
All RKTools 7.7 code resides in the M204PROC
Model 204 file. You need to download a dump version of this file from the Rocket Software Model 204 maintenance website. The procedure file for RKTools 7.5 is SIRIUS
.
To download from the Rocket website:
- On the Rocket M204 Customer Care page, go to the "Downloads and Uploads" section and select the "Download SOUL files" link to access the "SOUL files for Rocket Software" page.
- Log in, and download the version of RKTools that is compatible with your version of Model 204. The procfile contained in the "RKTools V7.7" link works for Model 204 versions 7.6 and above. For Model 204 version 7.5, use the download labeled "RKTools V7.5."
A "Click here" link in the text above the file list on the SOUL files download page brings up Downloading and restoring SOUL files, which provides help about downloading and uploading files, file sizing, and more.
You can bypass any step of the installation that applies only to an RKTools module you are not installing.
System requirements
- RKTools V7.7 was made specifically backward compatible to M204 version 7.6, though version 7.7 is recommended. Version 7.5 of RKTools requires Model 204 version 7.5 or higher.
- Requirements for server sizes and parameter settings for each product are listed in RKTools server sizes.
- To verify the products for which your Online is authorized, enter
ROCKET
at the Model 204 command line. - The installing user must have:
- Update access to the JCL or EXECs that bring up the host Online
- Model 204 System Manager privileges
- Access to the SUBSYSMGMT facility and the JCL or EXEC that runs the Online Model 204 region.
Installing RKTools
Attention: If you are upgrading from a previous version, keep your old copies of SIRLOCAL
, M204LOCL
, and any application-specific data files, such as JANCAT
, SIRLIBD
, SIRFILED
, or SIRSTATS
. As of RKTools 7.7, the SIRIUS
file is no longer used, but there is no harm in keeping it in case you want to fall back to a previous release.
The installation process uses your existing RKTools files to determine whether to perform upgrade actions or new-installation actions.
- Allocate the space required for the RKTools files. The following table shows the RKTools files and their sizes:
- RESTORE
M204PROC
from the downloaded DUMP file.Note: If you are restoring into your existing
M204PROC
file, note that theM204PROC
file has X'0221' privileges, which does not allow RESTORE. You will have to CREATE the file first (to wipe out existing content) before you execute the RESTORE. A sample command sequence is:CREATE FILE M204PROC END CREATE OPEN FILE M204PROC IN M204PROC RESTORE 192 FROM dumpfile
- Update the Online JCL or EXEC:
- Add DD (MVS) cards or FILEDEFs (CMS) for the RKTools files. The "RKTools file allocations" table above lists the files for which DD cards or FILEDEFs might be needed.
- Verify that the Online environment allows the use of file groups and application subsystems.
- To use permanent file groups, the Online must have allocated an
initialized
CCAGRP
file, and the SYSOPT parameter must contain the2
bit. - To use APSY subsystems, an Online must have allocated an initialized CCASYS file (with all fields defined), and the SYSOPT parameter must contain the
1
bit.
- To use permanent file groups, the Online must have allocated an
initialized
- Verify that the Online has a minimum of 10 Sdaemon threads allocated. Each of these threads is typically defined as
IODEV15
thread. If using RKWeb or any of the web interfaces to other components, you may need more IODEV15s available. - Modify the User 0 stream.
Adjust these parameters:
Parameter Adjustment NFILES Increase by the number of RKTools files. NDCBS Increase by the number of RKTools files. NDIR Increase by the number of RKTools files. NORQS Minimum setting is 5. MAXDAEM Minimum setting is 10. MAXINCL Minimum setting is 10. MAXBG Minimum setting is 4. SESUMAX Minimum setting is 10. The right setting for your site might be higher, based on RKWeb usage. SESNPUB Minimum setting is 40. The right setting for your site might be higher, based on RKWeb usage. CUSTOM RKWeb must include the 18 setting to enable a larger SSLIBSIZE on the Janus Web port, which must be secured. COMPOPT RKTools requires the COMPOPT X'03' bit, which enables mixed-case SOUL. RKTools makes extensive use of mixed-case coding, and the tools fail to compile if support is not enabled. If batch SirLib or other batch features are used, ensure that COMPOPT is set to X'03' in those jobs as well. - Verify you have adequate UTABLE settings.
Initial problems with RKTools subsystems are usually associated with one or two extremely small default UTABLE settings. Running the failing subsystem in
TEST DEBUG
mode will highlight UTABLE parameters that need to be increased.These are the recommended settings:
UTABLE parameter Value Description SEQPDL 4096 Minimum PDL available for sequencer LIBUFF 2000 Length of input buffer LOBUFF 960 Length of output buffer LPDLST 10000 Length of user push down list LQTBL 2200 Length of QTBL LNTBL 450 Length of NTBL LSTBL 60000 Length of STBL LTTBL 2000 Length of TTBL LVTBL 1300 Length of VTBL LGTBL 2000 Length of global variable table LFTBL 1000 Length of FTBL LXTBL 1000 Length of XTBL LITBL 104 Length of ITBL LOUTPB 10000 Length of output page buffer LFSCB 21400 Length of full screen buffer NORQS 10 Number of requests preserved HTLEN 220 Max length of each header or trailer MAXHDR 7 Max number of headers MAXTRL 7 Max number of trailers SCRNSTBL 12000 STBL size for screen objects; this must be set for SIRMON
,SIRPRO
, andSIRSCAN
.A setting of 18000 is recommended for shops that use Mod 6 terminals with very large screen sizes (Rocket regularly tests with 3270 screen sizes of 50x150 characters).
Note: Either 12000 or 18000 is both a recommended minimum and maximum. Unless you have very large servers at your site (1 megabyte or larger), or you have very large screen objects in your own application code, a very large SCRNSTBL will cause table-size resets to fail.
- Install the UL/SPF components, and install or reinstall Dictionary/204 and SQL utitilies as needed:
UL/SPF components
Issue these commands:
OPEN FILE CCASYS OPEN FILE M204PROC INCLUDE RKTOOLS_INSTALL
RKTOOLS_INSTALL performs all installation functions for new users and all upgrade functions for reinstalling users. No user profiles or other site-specific customization will be lost, as long as your existing SIRLOCAL file is left in place. If any problems are encountered while running this procedure, correct the problems and re-execute.
The procedure
RKTOOLS_INSTALL
also builds an APSY subsystem calledRKINSTALL
. If installations need to be re-run, the subsystem may be invoked rather than the procedure.During APSY subsystem execution, error messages are not suppressed, which aids in diagnosing any installation problems. For example, you will be able to see if an installation failed because a file was enqueued in a different Online, and so on.
Dictionary/204
Though the Dictionary/204 components are delivered inM204PROC
and accessible from RKWeb, they have their own installation process. Review the Dictionary/204 installation guide to see what steps, if any, related to the Dictionary/204 tools (SUBSYSMGMT, FILEMGMT, and so on) you might need to run in addition to the RKTools installation.SQL Server
The Model 204 SQL Server components continue to be delivered inM204PROC
but they are also accessible from RKWeb. Using RKWeb for the SQL Server tools (CCACATREPT, CCATSF) requires the availability of additional supporting files and the inclusion of a separate installation procedure, as described in Model 204 SQL Server installation.
- Use SUBSYSMGMT to add users to the appropriate SCLASS classes for any private or semi-public RKTools subsystems.
The installing user is automatically added to the administration SCLASS in all RKTools subsystems.
- Review the next section, "RKTools server sizes," for specific requirements of individual subsystem components of RKTools.
File | Size | Allocation is required... |
---|---|---|
M204PROC | 9800 pages | Always. |
SIRLOCAL | 1200 pages | Always. |
M204LOCL | 2000 pages | If using RKWeb. |
MONDATA | 4000 pages | Only if installing SirMon. Note: |
SIRFILED | 1200 pages | Only if installing SirFile. |
SIRLIBD | 1200 pages | Only if installing SirLib. |
SIRLIBP | 1200 pages | Only if installing SirLib. |
JANCAT | 1200 pages | Only if installing Janus OMNI. |
JANSSL | 1200 pages | Only if installing Janus SSL or RKWeb. |
Note: CCATEMP usage might increase with RKTools.
CCATEMP should be monitored (VIEW TEMPSIZE
, VIEW TEMPMAX
) to ensure that sufficient space is allocated to accommodate the additional activity.
Server size requirements
The server size requirements for RKTools, Dictionary/204, and Model 204 SQL Server are listed in this section.
Note: The actual server size requirements might vary slightly from the listings below because of table settings in your Model 204 Online, and because of slight differences between UTABLE requirements in different versions of Model 204.
RKTools server size
The minimum RKTools server size requirements are listed below. Rocket recommends using one server size for the entire Online, making it at least 750,000 bytes to accomodate the largest RKTools component.
Subsystem name | Minimum server size |
---|---|
SIRADMIN | 150K |
SIRDBA | 180K |
SIRFILE | 230K |
SIRLIB | 135K |
SIRMON | 220K |
SIRPRO | 750K |
SIRSCAN | 250K |
JANSSL | 300K |
RKTools | 135K |
Dictionary/204 server size
The minimum Dictionary/204 server size requirements are listed below.
Subsystem name | Minimum server size |
---|---|
DICTIONARY | 455K |
DOCUMENT | 455K |
DICTADMIN | 455K |
FILEMGMT | 455K |
SUBSYSMGMT | 455K |
DICTREPORT | 455K |
XREF | 455K |
SQL Server size
The minimum Model 204 SQL Server size requirements are listed below.
Subsystem name | Minimum server size |
---|---|
CCACATREPT | 250000 |
CCATSF | 165000 |
Additional setup for SirLib
Read and follow the instructions in the SirLib "getting started" steps.
Additional setup for SirScan
The SirScan administrator can use SIRADMIN to set default I/O and record maximums for users in the various SirScan SCLASSes. See SirScan setup for details.
Additional setup for SirMon
When users are added to SCLASSes, note that there is a special BUMP SCLASS. Any user added to this SCLASS gains the ability to BUMP other users. This class does not provide access to customizing options in SirMon. Only users in the ADMIN SCLASS are able to add custom screen definitions to SirMon.
If the SirMon background monitor is to be used, add the following line to User 0's input stream:
SIRMON BACKGROUND
The background monitor may also be started automatically in a BATCH2 thread or an sdaemon thread. Consult the SirMon documentation for details.
You can customize statistic thresholds or use the supplied defaults to establish problem conditions.
SirMon has a feature to send warnings to e-mail addresses and cell phones (via e-mail). This feature requires Janus Sockets and a started Janus Sockets port.
Additional setup for SirFile
If the SirFile background monitor is to be used, add the following line to User 0's input stream:
SIRFILE BACKGROUND
As with SirMon, the background monitor may be started automatically in a BATCH2 thread or in an sdaemon thread. See SirFile refresh process for details.
You can customize the system and file-specific thresholds or use the supplied defaults to establish problem conditions.
RKTools access privileges and SCLASSes
Each component application of RKTools has its own APSY subsystem definition and privileges associated with SCLASS specifications. If you have a good reason for doing so, you can redefine any of the RKTools subsystems as PUBLIC, SEMI-PUBLIC, or PRIVATE. Contact Rocket Software if you are unsure of the effect of a proposed change.
RKTools components are installed as auto-start. Use SUBSYSMGMT to disable this feature if you prefer that the subsystems not start automatically at each user request.
RKWeb (Model 204 Tools on the Web)
New for RKTools version 7.7 (and requiring at least Model 204 version 7.6), RKWeb provides web access for all the important elements of Model 204. Use of this product requires Janus Web Server. If your site does not own Janus Web Server, RKWeb can still be used by a limited number of Janus Web threads under the Janus TOGA agreement, which allows the running of as many as four web threads.
Because RKWeb includes an interface for password maintenance and other protected Model 204 entities, it is mandatory to run it on an SSL-protected web port. Experienced users of Janus Web will probably have Janus ports already defined and protected by SSL certificates. Users new to Janus Web might want to review the bottom section, below, on defining an unprotected port that can be used to generate an initial self-signed certificate.
Browser support and configuration
RKWeb supports Edge, Chrome, and the latest versions of Firefox and Safari. IE (Internet Explorer) is explicitly not supported as it is deprecated by Microsoft.
On some browsers, it might be necessary to allow pop-ups or to whitelist your RKWeb port so that pop-ups are authorized.
RKWeb makes extensive use of Javascript, which must be enabled for your browser.
Janus Web port definition
Authorized Janus Web Server users will find that RKWeb works best with at least ten Janus Web threads available on the port definition. Non-Janus customers can still use RKWeb via the free Limited Janus Web Server feature, which allows a Janus Web port to be defined with as many as five threads. Under this configuration, RKWeb might operate a little slowly and might require occasional forced-refreshes, but all features are otherwise allowed.
An SSL-protected web port can be defined like this:
JANUS DEFINE portname 8205 WEBSERV 20 IBSIZE 4096 OBSIZE 65534 TRACE 1 - RBSIZE 4096 UPCASE SESCOOKIE RKSESSION SSLSES VARIPADDR - SSL JANSSL JUNE2017.PKEY SSLCACHE 320 SSLMAXCERTL 2048 - SSLIBSIZE 32767 SSLOBSIZE 16000 - WEBUSER WEBUSER WEBACCT WEBUSER MAXTEMP 2000 COMPRESS 1 JANUS START portname privateKeyPassword
RKWeb provides an interface (Manage > SSL Certificates
) for running the Janus Network Security application (JANSSL) for obtaining and managing SSL certificates. The RKWeb version of this application mimics the
operation of the application that is described in detail in the Janus Network Security wiki pages.
Janus Web rules for RKWeb
Following are the recommended and mandatory Janus rules to run RKWeb:
*... Codepage 0037... json requires square brackets to be Unicode 5B & 5D *... translate EBCDIC BA/BB accordingly UNICODE TABLE STANDARD MAP E=BA IS U=005B UNICODE TABLE STANDARD MAP E=BB IS U=005D *... TYPE rules for serving up binaries JANUS WEB portname TYPE ANY * TEXT/HTML JANUS WEB portname TYPE ANY *.HTML TEXT/HTML JANUS WEB portname TYPE ANY / TEXT/HTML JANUS WEB portname TYPE ANY *.HTM TEXT/HTML JANUS WEB portname TYPE ANY *.GIF IMAGE/GIF JANUS WEB portname TYPE ANY *.PNG IMAGE/GIF JANUS WEB portname TYPE ANY *.CSS TEXT/CSS JANUS WEB portname TYPE ANY *.JS TEXT/JAVASCRIPT JANUS WEB portname TYPE ANY *.JPEG IMAGE/JPEG JANUS WEB portname TYPE ANY *.JPG IMAGE/JPEG JANUS WEB portname TYPE ANY *.ICO IMAGE/X-ICON *... support for the Ace Editor, part of RKWeb JANUS WEB portname ON /ACE/* OPEN M204PROC SEND * TEXT JANUS WEB portname ON /ACE/EDITOR OPEN M204PROC CMD 'RKWEB' JANUS WEB portname ON /ACE/EDITOR.JSON OPEN M204PROC CMD 'RKWEB' JANUS WEB portname ON /ACE/PROCLIST OPEN M204PROC CMD 'RKWEB' JANUS WEB portname ON /ACE/PROCLIST.JSON OPEN M204PROC CMD 'RKWEB' JANUS WEB portname ON /ACE/S.SETTINGS.PNG OPEN M204PROC SEND S.SETTINGS.PNG BINARY EXPIRE +999999 JANUS WEB portname ON /ACE/S.SIRLIB_SEQ.PNG OPEN M204PROC SEND S.SIRLIB_SEQ.PNG BINARY EXPIRE +999999 JANUS WEB portname ON /ACE/*.JS OPEN M204PROC SEND *.JS TEXT JANUS WEB portname ON /ACE/SRC/SNIPPETS/*.JS OPEN M204PROC SEND /ACE/SRC/SNIPPETS/*.JS BINARY EXPIRE +999999 JANUS WEB portname ON /ACE/SRC/*.JS OPEN M204PROC SEND /ACE/SRC/*.JS BINARY EXPIRE +999999 JANUS WEB portname ON /ACE/SRC/MODE-M204.JS OPEN M204PROC SEND MODE-M204.JS TEXT JANUS WEB portname ON /ACE/LIB/*.JS OPEN M204PROC SEND *.JS BINARY EXPIRE +999999 *... RKWeb rules: JANUS WEB portname ON /RKWEB/* CMD RKWEB JANUS WEB portname ON /RKWEB/*.CSS OPEN FILE M204PROC SEND "1.CSS TEXT EXPIRE +7200 JANUS WEB portname ON /RKWEB/*.JS OPEN FILE M204PROC SEND "1.JS TEXT EXPIRE +7200 JANUS WEB portname ON /RKWEB/*.GIF OPEN FILE M204PROC SEND "1.GIF EXPIRE +7200 JANUS WEB portname ON /RKWEB/*.PNG OPEN FILE M204PROC SEND "1.PNG EXPIRE +7200 JANUS WEB portname ON /RKWEB/*.JPG OPEN FILE M204PROC SEND "1.JPG EXPIRE +7200 JANUS WEB portname ON /RKWEB/*.JPEG OPEN FILE M204PROC SEND "1.JPEG EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/*.CSS OPEN FILE M204PROC SEND "2.CSS TEXT EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/*.JS OPEN FILE M204PROC SEND "2.JS TEXT EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/*.GIF OPEN FILE M204PROC SEND "2.GIF EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/*.PNG OPEN FILE M204PROC SEND "2.PNG EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/*.JPG OPEN FILE M204PROC SEND "2.JPG EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/*.JPEG OPEN FILE M204PROC SEND "2.JPEG EXPIRE +7200 JANUS WEB portname ON /RKWEB/*/RKWSEND/*.* OPEN FILE M204PROC SEND "2."3 EXPIRE +7200 JANUS WEB portname ON /RKWSEND/* OPEN FILE M204PROC SEND * EXPIRE +7200 *... Rules supporting the applications implemented as Janus Legacy apps. JANUS WEB portname DISALLOW /SIRLIB* JANUS WEB portname DISALLOW /DICTADMIN* JANUS WEB portname DISALLOW /DICTREPORT* JANUS WEB portname DISALLOW /DICTDOC* JANUS WEB portname DISALLOW /XREF* JANUS WEB portname DISALLOW /FILEMGMT* JANUS WEB portname DISALLOW /CCACATREPT* JANUS WEB portname DISALLOW /CCATSF* JANUS WEB portname ALLOW /SIRLIB* USER * JANUS WEB portname ALLOW /DICTADMIN* USER * JANUS WEB portname ALLOW /DICTREPORT* USER * JANUS WEB portname ALLOW /DICTDOC* USER * JANUS WEB portname ALLOW /XREF* USER * JANUS WEB portname ALLOW /FILEMGMT* USER * JANUS WEB portname ALLOW /CCACATREPT* USER * JANUS WEB portname ALLOW /CCATSF* USER * JANUS WEB portname ON /SIRLIB* CMD 'SIRLIB *' JANUS WEB portname ON /DICTADMIN* CMD 'DICTADMIN *' JANUS WEB portname ON /DICTREPORT* CMD 'DICTREPORT *' JANUS WEB portname ON /DICTDOC* CMD 'DOCUMENT *' JANUS WEB portname ON /XREF* CMD 'XREF *' JANUS WEB portname ON /FILEMGMT* CMD 'FILEMGMT *' JANUS WEB portname ON /CCACATREPT* CMD 'CCACATREPT *' JANUS WEB portname ON /CCATSF* CMD 'CCATSF *' JANUS WEB portname SCREEN /SIRLIB/* - EXITURL '/rkweb/' EXITKEY 'Exit SirLib' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /DICTADMIN* - EXITURL '/rkweb/' EXITKEY 'Exit DictAdmin' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /DICTREPORT* - EXITURL '/rkweb/' EXITKEY 'Exit DictReport' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /DICTDOC* - EXITURL '/rkweb/' EXITKEY 'Exit Document' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /XREF* - EXITURL '/rkweb/' EXITKEY 'Exit Xref' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /FILEMGMT* - EXITURL '/rkweb/' EXITKEY 'Exit FileMgmt' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /CCACATREPT* - EXITURL '/rkweb/' EXITKEY 'Exit CCACatRept' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /CCATSF* - EXITURL '/rkweb/' EXITKEY 'Exit CCATSF' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' START SUBSYSTEM DICTADMIN START SUBSYSTEM DICTREPORT START SUBSYSTEM DOCUMENT START SUBSYSTEM XREF START SUBSYSTEM FILEMGMT START SUBSYSTEM CCACATREPT START SUBSYSTEM CCATSF
Again, because the above rules force users to log in with their enterprise credentials, and because RKWeb provides an interface into protected elements like passwords and APSY definitions, the port on which RKWeb runs must be SSL protected.
Once the rules are implemented and the port is started, RKWeb can be reached with a URL like this:
https://www.mydomain.com/rkweb/welcome.html
In addition to web rules, if low-privileged users are to be given access to RKWeb, a couple system level methods need to be made available to those users. The following commands are required to implement this:
SIRMETH ALLOW SYSTEMSET SUBSYSTEM RKW* NONPRE SIRMETH ALLOW SUBSYSTEMSET SUBSYSTEM RKW* NONPRE SIRMETH ALLOW SYSTEMSET SUBSYSTEM SIR* NONPRE
As implied by the recommended and mandatory JANUS WEB rules above, some RKWeb applications are implemented with Janus Legacy, which launches them into a separate browser tab. These Janus Legacy applications are not fully integrated with RKWeb, so you must use the security configured for those applications. For instance, FILEMGMT is implemented as Janus Legacy, and it might prompt the user for a separate password.
Defining a Janus port and generating a self-signed SSL certificate
You can run RKWeb on any SSL-protected Janus port, and experienced users are likely to add the Janus rules in the section above to a port or ports they already have configured.
New users might need to define an initial unprotected Janus port that can then be used to generate a self-signed certificate. That certificate is then used to protect the port on which RKWeb is to run. Directions follow:
- Enter these rules to create a very basic Janus Web port:
JANUS DEFINE MYWEBPORT 80 WEBSERV 10 IBSIZE 4096 OBSIZE 8192 TRACE 1 RBSIZE 4096 - UPCASE WEBUSER WEBUSER WEBACCT WEBUSER MAXTEMP 1000 JANUS WEB MYWEBPORT ON / OPEN FILE M204PROC CMD 'INCLUDE JANWEB.HOMEPAGE.HTML' JANUS WEB MYWEBPORT ON /JANSSL/* OPEN FILE M204PROC CMD 'INCLUDE JANSSL.*' JANUS WEB MYWEBPORT ON /JANWEB/* OPEN FILE M204PROC CMD 'INCLUDE JANWEB.*' JANUS START MYWEBPORT
- Use either of the following ways to connect to the JANSSL certificate management program:
- With the following URL, invoke the Janus default home page:
http://www.mydomain.com:xxxx
where xxxx is the port number. In the preceding port definition,
80
is the default port for web connections. Your network administrator might require a different port number.On the Janus default home page, click the link to the JANSSL certificate management program.
- Using your own domain name and port number, connect directly to the JANSSL certificate management program:
http://www.mydomain.com:9999/janweb/sslmain.html
- With the following URL, invoke the Janus default home page:
- Use the certificate management program to generate a self-signed certificate.
The program contains ample online Help. Follow the instructions for generating a self-signed certificate.
- Use the self-signed certificate to protect the port from which RKWeb will run.