HLI: Model 204 security

From m204wiki
Revision as of 16:36, 29 April 2016 by ELowell (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Overview

This topic briefly describes Model 204 security for application programmers who are using the Host Language Interface facility.

For more information about Model 204 security, see the Security interfaces overview.

See also:

Storing security information (CCASTAT)

Establishing and maintaining security

Using Model 204 security

Model 204 provides a variety of security features that prevent unauthorized use of IDs, files, groups, records, and fields. When a particular security feature is operational, the corresponding access restrictions apply.

Login security

Login security requires you to enter a password when logging in. Only a valid password can gain access to the system. After successfully logging in, you are granted particular privileges.

When login security is in effect, specify login information using the following HLI calls:

  • For an IFSTRT thread in IFAM1, use the IFLOG call to provide login information, as necessary, where the user authorization is to be validated by a security interface.
  • In IFAM2 and IFAM4, specify the login parameter in the IFSTRT call to supply the user ID and password that permit entry to the system.
  • For an IFDIAL thread, supply the login information, as necessary, using the IFWRITE call.

File security

File security requires you to specify a legal password in the IFOPEN call. After you successfully open the file, Model 204 grants you particular file privileges, a user class number, and field security levels.

Group security

Group security requires you to specify a legal password in the IFOPEN for the file group.

Record security

Record security limits access to records by allowing you to retrieve and update only records that you have stored in the file or that users can share.

Field-level security

Field-level security protects fields in a file. Field access levels are assigned when you open a file or group. Specify the security level associated with a field in the IFDFLD call.

Terminal security

Terminal security allows particular login user IDs and particular files and file groups to be accessed only from specific Model 204 threads.

See also