I don't know of an "EASY" way to implement object level security on the as400. Once you start implementing security it is a never-ending array of duties and considerations. Depending on your size, you may need to hire a 'Security officer'. But being you refer to relatively small green-screen application, I would recommend using a group profile(s) to restrict the lanes by which other profiles may access application data. Once you have that in place, you'll just need to consider which profile is appropriate for what 'lane' of access for your application data. As for the ODBC access, there are a number of vendors that provide tools to manage ODBC (and other client/server) access via exit point programs. Rob Berendt compiled a faq list of exit-point security vendors at: http://faq.midrange.com/data/cache/198.html Elvis
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.