Chapter Contents

Previous

Next
Communications Access Methods for SAS/CONNECT and SAS/SHARE Software

Tasks That Are Common to SAS/CONNECT and SAS/SHARE

System Administrator or User

To use the DECnet access method with an OpenVMS host for SAS/CONNECT and SAS/SHARE, perform these tasks:

  1. Verify that you have met all your site and software requirements.

  2. Verify that you know how to set variables in SAS software.

  3. Set the desired SAS/CONNECT and SAS/SHARE environment variables.


System and Software Requirements for SAS/CONNECT and SAS/SHARE

Ensure that the following conditions have been met:

  1. DECnet has been installed at both the local and remote hosts at your site.

  2. SAS software is installed on both the local and remote hosts at your site.

  3. Each local and remote process that is running on an OpenVMS system has the TMPMBX and NETMBX privileges.


System Requirements for SAS/SHARE Only

Ensure that the user has the SYSNAM privilege to start the SAS/SHARE server.


Setting Variables in SAS

You may need to set specific variables in SAS to allow the desired connections with SAS/SHARE using the DECnet communications access method.

Consult with your network administrator to determine what variables must be set and what values to assign to them.

You may specify a variable by using one of the following forms:

Values for these variables can contain up to eight characters, consisting of alphanumeric characters, the percent sign (%), the dollar sign ($), the pound sign (#), the at sign (@), and the underscore.

If you set multiple forms of the same variable, the order of precedence follows:
SAS macro variable in SAS session
SAS macro variable in AUTOEXEC file
Environment variable.


Setting Security for SAS/CONNECT and SAS/SHARE

For SAS/CONNECT, you must supply identifying information to sign on without a script to a remote host running a spawner program. A SAS/SHARE server, running secured, requires identification from each connecting client. The next two sections outline the version-specific methods for specifying client identification for SAS/CONNECT and SAS/SHARE.

Providing Client Identification in a Version 8 Session

In Version 8, you provide client identification to a SAS/CONNECT remote host or a SAS/SHARE server using the USER= and PASSWORD= options. These options are valid in the following statements:

SIGNON
RSUBMIT
LIBNAME
PROC SQL
Connect to Remote
PROC OPERATE
(in the PROC statement)
set server
stop server
quiesce server
start server
display server

Specifying client identification in the SASSECUR variable is still accepted but is not recommended in Version 8. The USER= and PASSWORD= options take precedence over the client SASSECUR variable when both are specified. For example, a SAS/SHARE client's execution of a LIBNAME statement with values assigned to the USER= and PASSWORD= options would override a SASSECUR variable setting in the same client SAS session.

Here is the syntax and definitions for these options:

USER | USERNAME | USERID | UID=username | _PROMPT_

PASSWORD | PASSWD | PASS | PWD | PW=password | _PROMPT_

Specifying these options allows a user on the local host whose username and password have been verified to access the remote host.

username
is a valid userid for the remote host and is thus host-dependent in form. If the value contains blanks or special characters, it must be enclosed in quotes.

password
is the password, if any, required for authentication of the supplied username. This value will not be echoed in the SAS log. If the value contains blanks or special characters, it must be enclosed in quotes.

_PROMPT_
specifies that the SAS System prompts the client for username and password.

Note:   The values provided when prompted must NOT be quoted.  [cautionend]

Specifying USER=_PROMPT_ and omitting the PASSWORD= specification will cause SAS to prompt you for both userid and password.

This is especially useful for allowing the SAS statements containing the USER= and PASSWORD= options to be copied and otherwise effectively reused by others.

For SAS/SHARE, the values supplied for the USER= and PASSWORD= options are valid for the duration of the remote host connection. Additional accesses of the remote host while the connection to that host is still in effect do not require re-supplying of the USER= and PASSWORD= options. For example, while the first connecting library assign to a SAS/SHARE server may require specification of the options, subsequent assigns to the same server will not need specification of these options as long as the original connection is in effect. A subsequent re-connect to the same server or connect to a different server would require re-supplying of the USER= and PASSWORD= options.

Here is a Version 8 example for SAS/SHARE:

libname test 'prog2 a' user=joeblue password="2muchfun" server=share1;

For SAS/CONNECT, these values are valid until SIGNOFF.

Here is a Version 8 example for SAS/CONNECT:

signon rmthost user=joeblack password=born2run;

As a security precaution, PASSWORD= field entries echoed in the log are replaced with Xs. If _PROMPT_ was specified for entering the password, the entry would not be displayed on the screen as it is typed.

SAS/SHARE SASSECUR Variable

SASSECUR:==_PROMPT_ | userid.password |
_SECURE_

You may set the SASSECUR variable to provide security for the SAS/SHARE server, allowing access to clients whose userids and passwords have been verified.

Values that you set at a SAS/SHARE client are

_PROMPT_
must be set at the SAS/SHARE client.

_PROMPT_ causes SAS to prompt the user for userid and password information. When prompted for a password, the input field is not displayed. Choosing to prompt for the userid and password provides more security than assigning the userid and password to the variable.

userid.password
must be set at the SAS/SHARE client.

userid.password specifies both the userid and password. Assigning the userid and password directly to the SASSECUR variable at the SAS/SHARE client may inadvertently publicize this information and compromise the security of the SAS/SHARE server. Assigning the value to the variable in a file allows anyone to check it.

_SECURE_
must be set at the SAS/SHARE server.

The _SECURE_ value for the SASSECUR variable requires a SAS/SHARE client to supply a valid userid and password to the remote host on which the server is running in order to allow client access to the server.

Specify the SASSECUR variable before you create a server.

Examples:

SASSECUR:==_PROMPT_
SASSECUR:==bass.timego
SASSECUR:==_SECURE_

See Setting Variables in SAS for examples of the forms you can use to specify the SASSECUR variable.


Chapter Contents

Previous

Next

Top of Page

Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.