Record set security

John,

At 07:26 AM 3/31/00 -0800, you wrote:
> > At 09:09 PM 3/28/00 -0800, you wrote:
> >
> > > (Example: With AOA, how do you provide ability to view
> > > transactions with a VB application,
> > > but restrict the ability to download the entire file with
> > > FTP?)
> > >
> >  One way to handle this is w/ logical files.  Another way (in
> > the later versions of OS/400) is column level security.
>
>Thanks for the only reply on this inquiry.
>
>But a logical file will still allow you to view all records
>(transactions) in the view.  Unless you want to create (and
>secure) a separate logical file for every record in the PF (how
>ugly!!), logicals won't help.
>
>Also, column level authority does not work for reads....  only
>updates.   And still, it seems like what people are really looking
>for is row level security, or a combination of row/column level
>security.  I still don't see how OS/400 object level security
>helps here.

  One thing I have done in the past is to have an OPNQRYF run against 
several files in the user's initial pgm.  The files remained open the 
entire day, so there was only an initial hit.  Of course, w/ ODBC, it's 
different animal.  Maybe you can force the user to use a called procedure 
(i.e. one which uses SQL w/ parameter markers, or a plain old CLP w/ 
OPNQRYF), which would control access to the file.  It's a difficult problem.

  Let me know what other ideas you come up with.

  -mark
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---