Chapter Contents |
Previous |
Next |
SAS/EIS Software: Administrator's Guide |
In addition to using the access control windows to perform setup and maintenance tasks, the access control facility provides methods to set up the access control environment programmatically.
To change any of the access control settings using SCL, you must have write access to the SASHELP.AC catalog and a SAS/AF Software license to run the BUILD environment.
Setting the ACL Setup Parameters |
This method re-creates the entry SASHELP.AC.ACLINIT.SCL.
CALL METHOD ('SASHELP.EIS.ACLUTIL', 'CREAACLI', rc, flag, aclroot, aclserv,login_window, autouser_enabled, libsec, pw_encrypt);
Where... | Is type... | And contains... | |||||
---|---|---|---|---|---|---|---|
rc |
N | a flag that indicates if the update was successful, where 0 indicates that the update was successful and 1 indicates that it was not. | |||||
flag |
C | a flag that activates or deactivates security. Valid values are Y and N. | |||||
aclroot |
C | the path of a directory that holds the ACL files. | |||||
aclserv |
C | the name of the remote session or share server for aclroot. If the session is local, this parameter should be blank. | |||||
login_window |
C | the four-level name of the AF application or APPLSCR application to use for login. | |||||
autouser_enabled |
C | a flag that indicates whether to allow the use of &AUTOUSER at login. Valid values are Y and N. | |||||
libsec |
C | a flag that indicates when the ACL library is allocated, where
|
|||||
pw_encrypt |
C | a flag that indicates whether to encrypt the PASSWORD values, where
|
Setting the Administrator's Password |
This password is used to create and access ACL files and to enable access to the password support feature. Set the flag to 0 if you do not want to use a password.
CALL METHOD('SASHELP.MB.APWUTIL','CREAAPWM',flag, pw-value,rc);
Where... | Is type... | And contains... | |||||
---|---|---|---|---|---|---|---|
flag |
C | a flag that indicates whether to activate the password, where
|
|||||
pw-value |
C | the text of the password. The value for this parameter must follow the current SAS file password syntax conventions. | |||||
rc |
N | a flag that indicates whether the update was successful, where
|
Setting the Audit Parms |
This method re-creates the entry SASHELP.AC.ACLLOG.SCL, which is used to track activities associated with the access control facility.
CALL METHOD ('SASHELP.EIS.ACLUTIL','CREALOG', rc, flag, logroot, logserv, logtime, data, appl);
Where... | Is type... | And contains... | |||||
---|---|---|---|---|---|---|---|
rc |
N | a flag that indicates whether the update was successful, where
|
|||||
flag |
C | a flag that indicates whether to activate access logging, where
|
|||||
logroot |
C | the path of a directory that holds the LOG file. | |||||
logserv |
C | the name of the remote session or share server for logroot. If the session is local, this parameter should be blank. | |||||
logtime |
C | a flag that indicates whether to log full SAS/EIS access time. Valid values are Y or N. | |||||
data |
C | a flag that indicates whether to log data source access. Valid values are Y or N. | |||||
appl |
C | a flag that indicates whether to log application access. Valid values are Y or N. |
Querying ACL Setup Values and Password |
Use the following job to query the current ACL settings and the current administrator's password:
length security_enabled $1 aclroot $200 aclserv $17 logroot $200 logserv $17 login_window $35 autouser_enabled $1 libsec $1 pw_encrypt $1 admin_pw $16 pw_active 8 audit_enabled $1 logtime $1 logdata $1 logappl $1 ; init: /* Administrator's password */ call method('sashelp.mb.aclapwm','aclapw',pw_active,admin_pw); put pw_active=; put admin_pw=; /* Security Enabled? */ call method('sashelp.ac.aclinit','aclinit',security_enabled); put security_enabled=; /* ACL Root */ call method('sashelp.ac.aclinit','aclrt',aclroot,aclserv); put aclroot=; put aclserv=; /* Login Window */ call method('sashelp.ac.aclinit','acllw',login_window); put login_window=; /* AUTOUSER Enabled? */ call method('sashelp.ac.aclinit','aclau',autouser_enabled); put autouser_enabled=; /* Secure Libref? */ call method('sashelp.ac.aclinit','libsec',libsec); put libsec=; /* Encrypt User passwords? */ call method('sashelp.ac.aclinit','pwencrpt',pw_encrypt); put pw_encrypt=; /* LOG Root */ call method('sashelp.ac.acllog','logrt',logroot,logserv); put logroot=; put logserv=; /* Log LOGIN/LOGOUT? */ call method('sashelp.ac.acllog','logopt',logtime,logdata,logappl); put logtime=; /* Log Data Access? */ put logdata=; /* Log Application Access*/ put logappl=; return;
Chapter Contents |
Previous |
Next |
Top of Page |
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.