|
midrange-l-request@xxxxxxxxxxxx wrote: > 5. exit points? (was: does PAM for AS400 exist?) (jared) > > through something called "exit points". To my >ear, these sound like "callbacks with formally-defined interfaces" that >have some standard implementation that can be overridden by creating the >right program with the right name and procedures, and installing it with >appropriate privs in a particular location. How accurate is that reading? I hadn't considered exit points/exit programs in terms of callbacks before, but it kind of, sort of is okay to think of them in that way. The names and locations of exit programs can be pretty much whatever you want as long as they don't conflict with other programs. The formally-defined interface known as the Registration Facility is where you tell an exit point what the name and location of an exit program is. Once properly registered and activated (depending on the exit point and version/release of OS/400 and potentially other elements), the exit program will be called every time the related server or function reaches the right point in its processing. The server passes the defined parms into the exit program and generally waits for results to come back before continuing with the transaction. One use of exit programs is to notify a server whether or not a particular transaction is to be allowed or rejected. Another use is to create audit records of transactions -- for TCP/IP and host servers, audit info might include the user profile, the location from which the transaction came, date and time and even the transaction itself. In some cases, such as TELNET initiation or command exit programs, the transaction might be modified -- a device name might be associated with a session in place of a default virtual device or command parameters might be modified for special environments. This can add a level of granularity that's not easily possible with system object authorities, most especially when applications are extended to allow network access into databases. An application might have logic that prohibits user ABC from updating particular records. But ODBC network access can potentially bypass the application logic by sending transactions straight to the database. An exit program could choose to block such a transaction but allow other transactions to the same database without needing any application program changes. >What, at any level of technical detail, is an exit point? I think you've got a good enough start with thinking in terms of 'callback' as long as you keep it at a high level. Tom Liotta -- Tom Liotta The PowerTech Group, Inc. 19426 68th Avenue South Kent, WA 98032 Phone 253-872-7788 x313 Fax 253-872-7904 http://www.powertech.com __________________________________________________________________ Switch to Netscape Internet Service. As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register Netscape. Just the Net You Need. New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web and block those annoying pop-ups. Download now at http://channels.netscape.com/ns/search/install.jsp
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
