Protect FITC application against unauthorized access
Component: | BS2000 |
Functional area: | Data communication control |
Domain: | SECURITY-ADMINISTRATION |
Privileges: | all privileges bar HARDWARE-MAINTENANCE |
Function
The PROTECT-FITC-APPLICATION command protects an FITC application against unauthorized access by means of guards. A support authorization to prevent unauthorized configuration and request authorization to prevent unauthorized use can be defined for the FITC port.
In addition, this command enables a standard connection ID to be reserved for a directly addressable FITC port. Senders of messages or jobs can address the port without the port name by using this short ID.
This command offers the same functions as the DEFPACC macro.
A support authorization (SUPPORT-GUARD operand) can only be assigned if the FITC port is not already protected. Assigning a support authorization also simultaneously defines the port owner (USER-ID operand). Only the port owner can assign or modify a request authorization (REQUEST-GUARD operand).
Format
PROTECT-FITC-APPLICATION |
PORT-NAME = <alphanum-name 1..54> ,STD-CONNECTION-ID = *UNCHANGED / <x-string 1..4> / <integer 1..65535> ,USER-ID = *UNCHANGED / <name 1..8> ,SUPPORT-GUARD = *UNCHANGED / <filename 1..24 without-gen-vers> ,REQUEST-GUARD = *UNCHANGED / <filename 1..24 without-gen-vers> |
Operands
PORT-NAME = <alphanum-name 1..54>
Port name of the FITC application which is to be protected or linked with a standard connection ID.
STD-CONNECTION-ID = *UNCHANGED / <x-string 1..4> / <integer 1..65535>
Defines a standard connection ID for a directly addressable FITC port. This short ID is reserved for the specified port name and cannot be assigned again in the active session.
USER-ID = *UNCHANGED / <name 1..8>
Defines the port owner’s user ID. This operand is evaluated only if a support authorization is also specified (i.e. a guard is specified in the SUPPORT-GUARD operand).
SUPPORT-GUARD = *UNCHANGED / <filename 1..24 without-gen-vers>
Defines a guard for configuring the FITC port. If a support authorization is already assigned, this specification is not accepted.
REQUEST-GUARD = *UNCHANGED / <filename 1..24 without-gen-vers>
Defines a guard for using the FITC port. Only the port owner can assign the request authorization.
Return codes
(SC2) | SC1 | Maincode | Meaning |
|---|---|---|---|
0 | CMD0001 | Command executed without error | |
1 | NTF0404 | Parameter combination not permissible. | |
1 | NTF0804 | Specified application name (port name) not permissible. | |
1 | NTF0C04 | Specified standard connection ID outside the permissible value range. | |
32 | NTF0018 | FITC not accessible. Function cannot be executed. | |
32 | NTF0C10 | Caller not authorized to modify the REQUEST profile. | |
32 | NTF1010 | The SUPPORT profile already assigned to the port name cannot be accessed. Execution is therefore rejected because there is no way to perform a check. | |
32 | NTF1418 | Function aborted on account of an internal FITC error. | |
64 | NTF040C | Specified port name already used. | |
64 | NTF080C | Specified standard connection ID already used elsewhere. | |
64 | NTF0C0C | Not possible to assign a valid user ID as the owner of the port. | |
64 | NTF100C | Specified guard name(s) cannot be completed. | |
64 | NTF140C | A REQUEST profile can only be assigned in conjunction with the SUPPORT profile or if the latter exists. | |
64 | NTF400C | Redefinition of the specified properties not permitted. | |
130 | NTF0418 | Function cannot currently be executed due to memory shortage. |