Charles,
 
If I were looking to roll your my security setup, I'd use three things:
 
1)  Authorization lists (to attach to libraries or other objects),
2)  Group Profiles (to place user profiles into groupings),
3)  A CL program that does a CHKOBJ and returns a "YES" or "NO" value.
 
Set up EVERY user in at least one authorization list.  Some users may be in 
multiple, supplemental authorization lists.
 
Depending on how your application is architected (including menuing system), 
you can secure the program or data LIBRARIES by your authorization list.  If 
the individual does not belong to a group profile that the authorization list 
allows, they simply will not have access to the objects.
 
You can secure individual programs or files in the same manner, but that is 
probably overkill.
 
If you have a spreadsheet already made, you probably already have the "logical 
group profiles and authorization lists" already defined.  You can probably 
spend a couple days and have an extremely workable solution.  Unless you have a 
specialized need, why buy?
 
William
 
date: Thu, 13 May 2004 15:24:32 -0400
from: CWilt@xxxxxxxxxxxx
subject: [Security400] Documenting / Managing iSeries security

I'm beginning to take the first steps toward securing our home grown
application.

How do you document / manage security? Working at larger company is new for
me. A paper-based or even Excel-based matrix is going to quickly become
unwieldy.

At minimum, I'm thinking I need some programs that use commands and/or APIs
to populate some data files along with a front end that allows some drill
down capabilities.

At maximum, I'm thinking I need a whole new application to maintain the
security data files. When changes are made via the application, the
appropriate OS/400 security command would be invoked to actually change the
security in use.


Are there any tools out there for this task? iSeries specific would be
nice, but even non-iSeries may be useful. Even links to documents or web
sites discussing the task would be helpful. I've done some googling trying
to find something, but so far have failed to turn up anything useful.


Should I just start rolling my own?


Thanks,
Charles Wilt


As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.