Security

Robert J.M. Edis robert.edis@creatcomp.com
Tue, 18 Jan 2000 14:40:52 -0500 

G'day John

I've used ASCs to control access to particular fields on a screen where all
columns belonged to the same table.  The access to the table itself was
controlled by identifiers but could be done in the PHD if the data is not in
a RDBMS.

The solution of using a lookup table rather than ASCs has the advantage that
a super user can control the access via a screen rather than IT doing it and
having to modify the PHD each time a new person is added/dropped in an ASC
or a new ASC is created.

The issue of controlling access to a table column according to the data
value in the that or another column should be just an increase in complexity
to the logic.

The environment variables are OK generally but you have to be careful.  I
have not had any success setting a variable in one PH program and then using
it another under HP/UX and in VMS only logicals in the JOB table seem to be
robust; symbols don't work well.

Good luck.

Blue

-----Original Message-----
From: John Pearce
To: powerh-l@lists.swau.edu
Sent: 1/17/00 11:37 PM
Subject: RE: Security

Dave Know wrote:
>There's many different ways to approach this. So to add another...
>
>You may also wish to consider SETSYSTEMVAL/GETSYSTEMVAL options.
>

Thanks for the suggestion, Dave.  You're right about the decreased
overhead
of using a system variable.  I'll take a look at that.

As for the ASC's, they are currently used to determine who can do what
as
far as screens, reports, and processes.  My tendency at the moment is to
keep the data access security outside the ASC's.  If there's a good
reason
to use the ASC's for access controls, I'd like to learn about it.

Thanks,

John

------------------------------------------------------------------
John Pearce  <jpearce@rmi.net>       | Bethesda Management Company 
Speaking for only myself             | Colorado Springs, CO  USA
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
= =
Subscribe: "subscribe powerh-l" in message body to
majordomo@lists.swau.edu
Unsubscribe: "unsubscribe powerh-l" in message to
majordomo@lists.swau.edu
This list is closed, thus to post to the list, you must be a subscriber.
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
Subscribe: "subscribe powerh-l" in message body to majordomo@lists.swau.edu
Unsubscribe: "unsubscribe powerh-l" in message to majordomo@lists.swau.edu
This list is closed, thus to post to the list, you must be a subscriber.