Why You Secure Activities
When you secure activities, you control who can execute a given application function.
Until you secure activities, any user can execute any application function.
How to Secure Activities
To secure activities internally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=ACTI, X
SECBY=INTERNAL
To secure activities externally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=ACTI, X
SECBY=EXTERNAL, X
Additional parameters required
Note: For more information, see #SECRTT and CREATE RESOURCES.
About External Activity Security
The EXTNAME values that you can specify for RESTYPE ACTI are RESNAME, APPLNAME, and ACTIVITY. For the purposes of security checking, the value of both RESNAME and APPLNAME is application-name. Only the ACTIVITY value contains the application function number. Thus, to secure individual activities externally, you must include ACTIVITY in the SRTT entry for RESTYPE ACTI.
Defining an Activity Resource
If you assign activity numbers to functions within the application, you can define each activity as a system resource with a CREATE RESOURCE statement. In a CREATE RESOURCE statement, you associate the application activity number with an external activity name. The activity name can be up to 18 characters and must be qualified with the application name, as in this example:
create resource
activity dcmt.vary_terminals
number 14;
Granting Execution Privilege on the Activity
After you have defined an activity, you can give users the privilege of executing the application functions represented by the activity, using a GRANT statement as in this example:
grant execute
on activity dcmt.vary_terminals
to support;
|
Copyright © 2014 CA.
All rights reserved.
|
|