BEA Logo BEA Tuxedo Release 8.0

  BEA Home  |  Events  |  Solutions  |  Partners  |  Products  |  Services  |  Download  |  Developer Center  |  WebSUPPORT

   http://www.oracle.com/technology/documentation/index.html   |   Site Map   |   Search   |   PDF Files   |   Contact   |   Glossary

 

   Tuxedo Documentation   |   Using Security in ATMI Applications   |   Local Topics   |   Previous Topic   |   Next Topic   |   Contents

 

Writing Security Code So Client Programs Can Join the ATMI Application

Client programs are responsible for gathering data from outside the application or computer, bundling the data into messages, and forwarding the messages to servers for processing. Client programs are made available to users through devices such as automatic teller machines (ATMs), data entry terminals, and graphics devices.

For default authentication and authorization, application security may be set to one of five levels. At the lowest level, no authentication is performed. At the highest level, an access control checking feature determines which users can execute a service, post an event, or enqueue (or dequeue) a message on an application queue. Setting the security level for an ATMI application is the responsibility of the application administrator.

An application programmer needs to perform two tasks so that a client program can join an ATMI application:

The following pseudo-code summarizes the operation of a basic client program. The security-related statements are highlighted in bold.

Pseudo-code for a Client

 
main()
  {
            call tpchkauth() to check security level of ATMI application
            get usrname, cltname
            prompt for application password
            prompt for per-user password
            allocate a TPINIT buffer
            place initial client identification into TPINIT buffer
            call tpinit() to enroll as a client of the ATMI application
            allocate buffer
            do while true {
                      place user input in buffer
                      send service request
                      receive reply
                      pass reply to user }
            leave application
  }

Most of the statements in the preceding listing are implemented by ATMI functions in either C or COBOL. The preceding listing shows only the C language implementation.

A client program written in C uses tpinit(3c) to comply with the level of security set for the ATMI application and to join the application. The argument to tpinit() is a pointer to a TPINIT buffer. To perform the same tasks in a COBOL application, a client program calls TPINITIALIZE(3cbl), specifying a pointer to a TPINFDEF-REC record as an argument.

See Also

 

back to top previous page  

 

Copyright © 2001 BEA Systems, Inc. All rights reserved.
Required browser: Netscape 4.0 or higher, or Microsoft Internet Explorer 4.0 or higher.