Data Security: Limiting Access Based on Field Values
By Noreen Redden

Security is a hot topic these days, and wiser people than I are addressing server security in WEBFOCUS. Access to datasets may be limited by various security protocols, such as RACF on the IBM Mainframe. However, FOCUS and WEBFOCUS go a step further, allowing the DBA to limit access based on field values.

WebFOCUS 7.7 contains two features that improve DBA, so let’s review them now. Since the vast majority of us use WEBFOCUS for reporting, that’s the emphasis in this article. However, remember that if FOCUS is used for MODIFY or MAINTAIN, DBA WRITE security may be specified.

A quick review: DBA security is specified at the end of the MFD, following all field declarations, and any DEFINE, FILTER, and COMPUTE declarations. The word END begins the DBA section, which is followed by the declaration of the DBA password, and then the user declarations. If you need information on the basics of DBA, the documentation can be reviewed at this URL:

http://documentation.informati....htm?url=topic77.htm

Remember that information in the DBA section of the MFD is applied to any type of data source, so long as the retrieval is through FOCUS. User passwords can be from one to 64 characters and contain special characters. They are not case sensitive unless SET DBACSENSITIV = ON has been set. The default password, if never set, is blank, and is sometimes used to establish general restrictions for all users, who therefore do not set their passwords.

Click here to read more details, or check other articles as well.