Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » EGL Development Tools » Library List management call RPG Programs(Best way to control library lists.)
Library List management call RPG Programs [message #902901] Tue, 21 August 2012 04:37 Go to next message
Bob NIcholson is currently offline Bob NIcholsonFriend
Messages: 62
Registered: December 2011
Location: Seattle
Member
I've figured out how to call an RPG program using the @IBMiProgram. Works fine when not accessing files. But, when trying to access a file, it is not finding the file. This is because the job library list for QUSER does not contain the needed library.

I could set the proper library list for QUSER. But, I have multiple users that need different library lists and cannot default everything to QUSER. As well, we need to track who is on the system and adding/changing/deleting records.

Is there a way to set sign on (user ID/Password) for different users from EGL so that the correct library lists are used and the true users are identified?

Thanks

Bob
Re: Library List management call RPG Programs [message #903105 is a reply to message #902901] Wed, 22 August 2012 03:06 Go to previous messageGo to next message
Dan Darnell is currently offline Dan DarnellFriend
Messages: 145
Registered: November 2011
Location: Arkansas
Senior Member

There's info in Joe's article below on setting the user ID/password used on an IBM i program call:

http://www.ibmsystemsmag.com/ibmi/developer/general/edt_ibmi/

It's never actually QUSER that drives the library list though ... QUSER runs the program call job but internally, prior to the actual program call, the profile is swapped to whatever you used on your deployment descriptor entry or in your program (following Joe's example) prior to the call. The job description of the swapped profile sets the library list.

Issues do arise for many IBM i shops though because many places use an initial program to set a library list for a given user (or have a menu driver that sets the library list). If this is the case for you then you might have to front your program calls with another program that handles setting the library list.

Hope this helps.

--Dan
Re: Library List management call RPG Programs [message #903108 is a reply to message #903105] Wed, 22 August 2012 03:58 Go to previous messageGo to next message
Bob NIcholson is currently offline Bob NIcholsonFriend
Messages: 62
Registered: December 2011
Location: Seattle
Member
Hi, Dan

Yes, I kind of figured I'd have to do something like that. We have initial user programs to set the respective library lists now during sign on to the iSeries. I'm working on a couple of test approaches now. One site I found that appears to address the issue is http://www.mcpressonline.com/forum/showthread.php?13122-Calling-password-API-in-CL-program. I'm working through that now. But, I'm thinking that I may have to pass in the user id and password and verify them on program start and then set the library list based on user id.

Thanks for the response. I wanted to make sure I wasn't missing a more obvious way.

Bob
Re: Library List management call RPG Programs [message #903270 is a reply to message #903108] Wed, 22 August 2012 19:16 Go to previous message
Dan Darnell is currently offline Dan DarnellFriend
Messages: 145
Registered: November 2011
Location: Arkansas
Senior Member

"But, I'm thinking that I may have to pass in the user id and password and verify them on program start and then set the library list based on user id."

You are on the right track (IMHO) to be thinking in terms of decoupling authentication from authorization. A front-end login check of credentials allows (or prevents) access to your application for a given user. Once in the application, a swap profile when you make a program call establishes the runtime environment and then object-level authorization is enforced by the server.

Based on the link you gave, you are on the right track with swapping profiles using the profile handle API's. Keep in mind that you'll go through a "super user" profile to swap profiles to the actual logged-in user's profile (that's the way I do it anyway). If I remember correctly, the super user profile must have access to the user profile it is swapping to (or *ALLOBJ authority).

--Dan

Previous Topic:gridlayout background
Next Topic:Mobile widgets
Goto Forum:
  


Current Time: Thu Oct 03 14:07:28 GMT 2024

Powered by FUDForum. Page generated in 0.03909 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top