PFC Guide Titlebar
HomeFAQLinksPFCMAGExtensionsDownloadWhat's NewSearch

Security Service FAQ


Table of Contents

  1. What are the steps required to use the security service?
  2. Using the security service in Oracle causes an invalid bind variable error.
  3. How do I add a description to the security control list template?
  4. Where is of_setsecurity() ?

What is the purpose of the security service?

PFC security provides a client-side security solution. It allows access restriction to the window controls of a PFC based application. The objects that can be secured are menu items, graphic objects, and datawindow columns. Each object may be enabled / disabled or made invisible based on the current user.

Back to Top

What are the steps required to use the security service?

The PFC security consists of four major components.

The scanner and administration utility are stand-alone applications and should be compiled prior to using security. Well... the administration utility can be ran from the development environment, but it's probably better to compile it to a stan-alone app.

Let's start with the database tables. PFC includes a SQLAny database - pfc.db with security tables and a message table used by the error service. You have an option of keeping the tables on your application database or on a separate database shared between multiple applications. Assuming you want to maintain one app at a time the first step is to move the database tables to your MS SQL Server database. The easiest way to do that is to create a pipeline for each table and copy them over. If you have ERWin or PowerDesigner you can use that. Don't forget to copy the delete RI triggers as well. The triggers are all "On Parent Delete Cascade" except the one on the relationship from security_apps to security_template. that trigger is "On Parent Delete Restrict" . Another warning. There has been change in 5.0.03 making some columns wider. A rule of thumb with PFC security - use 5.0.03 or greater.

Once you've created the database tables, the next step is to compile the security scanner and use it to populate the security_apps and security_template tables. These table will contain a list of all controls in your application that are eligible to be "secured". There are couple of issues with the scanner. Few major point are:

These and other Security Scanner related issues are discussed in detail in the .

Once you create the security scanner application, run it, select and scan your PBLs.

The next step is the Security Administration Utility. This utility allows you to create/maitain users and groups, create/maintain
associations between users and groups, and grant users or groups access rights to specific controls. The Security Administration Utility populates the other three tables: security_users, security_groups, and security_info. You can selectively enable/disable or show/hide controls for a each user or a group.

Last step is enabling and calling the security service in your application.

You need to create the security service.

n_cst_appmanager constructor

gnv_app.of_Setsecurity(True)

 

Configure it:

n_cst_appmanager pfc_open

//Initialise Security:
IF IsValid(gnv_app.inv_security) THEN
	gnv_app.inv_security.of_InitSecurity(SQLCA,&
	iapp_object.appname, &
	of_getUserID(), &
	"Default")
ELSE
	return
END IF

 

And call it from your window pfc_open or pfc_preopen events:

gnv_app.inv_security.of_setSecurity(this)

That's it!

Back to Top

Using the security service in Oracle causes an invalid bind variable error.

PFC uses the Oracle reserved word "user" as a retrieval argument in d_pfcsecurity_controllist datawindow.

The workaround is to change the the retrieval argument name in the d_pfcsecurity_controllist datawindow.

Back to Top

How do I add a description to the security control list template?

During the scan process PFC will examine each control's tag property for the "microhelp = <description>" keyword. The description found in the tag will be automatically added to the template security table. Even if the microhelp functionality is not used it does pay to add a description of each control and datawindow column to it's tag property.

Of coarse you can always add a description later after each scan process.

Back to Top

Where is of_setsecurity() ?

The of_setsecurity was left out from pfc_n_cst_appmanager in PFC versions 5.0.00 and 5.0.01. It was added in 5.0.02. If you don't see the function you can upgrade to a version greater than 5.0.02 or add the function yourself.

The code for of_setsecurity is listed below.

integer of_SetSecurity( boolean ab_switch )
//Check arguments
If IsNull(ab_switch) Then
	Return -1
End if

IF ab_Switch THEN
	IF IsNull(inv_security) Or Not IsValid (inv_security) THEN
	inv_security = CREATE n_cst_security
	Return 1
	END IF
ELSE
	IF IsValid (inv_security) THEN
	DESTROY inv_security
	Return 1
	END IF	
END IF

Return 0
Back to Top

Contributed by PFCGuide staff, except where noted otherwise.
PFCGuide is sponsored by Dynamic Technology Group
The information provided is for advice only and not to be considered a contract or a liability against Dynamic Technology Group.

Last revised: February 15, 2004 03:58 AM.