MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » November 2006

RE: Updating files from the web



fixed

Actually, the iSeries has had column level security since day 1.  Back in 
the days of OS/400 you would set up security on the PF so that no user 
could access it directly.  Then the LF's would only select certain 
columns.
Now, with i5/OS, you can use direct column level security.

The problem is with people who try to access the PF directly with RPG F 
specs, or try to select more fields than the bare minimum they need with 
SQL and then they get blocked out.

Olden days of OS/400 method:
R JOEPFR 
  EMP#          15A 
  NAME          30A 
  WAGE          15P 5

EDTOBJAUT so that joePf looks like:
                         Object 
User        Group       Authority
*PUBLIC                 USER DEF 
----------Object-----------
Opr  Mgt  Exist  Alter  Ref
                         X 

---------------Data---------------
Read  Add  Update  Delete  Execute
 X     X     X       X        X 


and this logical
R JOELFR       PFILE(JOEPF)
  EMP#
  NAME
Would have the default security.

upddta rob/joePf
DFU-0065-Not authorized to perform operation on file JOEPF.  

upddta rob/joeLf
Works great.

Row level security might be able to be completed with read triggers.  But 
I forget if read triggers were only after the fact.  (AFTER read and not 
BEFORE read).

Rob Berendt





Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact