The AcceptRequest should return a ‘1’ (*On) for SQL requests that should run and a ‘0’ (*Off) for those requests that should be cancelled. Field EZDUP05 (OK, IBM doesn’t come up with the greatest field names) contains the name of the requesting user. Only allow database server SQL statements from user ODBCUSER or a licensed program (part of the base OS). QSYSINC is installed with the SYSTEM OPENESS INCLUDE external SQL database calls based on user profile. This sample program demonstrates how to restrict access to DBSEXIT - Database Server Exit Example With that in mind, we can quickly construct a simple program to accept or reject any external SQL database request based on criteria such as the requesting user profile. Within this member, structure EZDSQLF2 contains the parameter list for format ZDAQ0200 so that we don’t have to type it. Thankfully, source file QSYSINC/QRPGLESRC has member EZDAEP which contains the parameter structure definitions for many exit programs including QIBM_QZDA_SQL2. The length can be a maximum of 32K.įormat is defined by member EZDAEP in files H, QRPGSRC, QRPGLESRC, QCBLSRCįigure 1: Exit point QIBM_QZDA_SQL2 format ZDAQ0200 Length of SQL statement text in the field thatįollows. Name of the default SQL collection used by the iSeries Database Server. Name of the library for extended dynamic SQL Name of the cursor used for the open function. ![]() This field contains one of the following: QIBM_QZDA_SQL1, the format name is ZDAQ0100. The value is *SQLSRV for this exit point. The name of the user profile that is calling the The table below (taken from IBM’s Web site shows the format of this data structure, which is referred to as ZDAQ0200. For exit QIBM_QZDA_SQL2, one only needs to code two parameters: a one-character field defining whether the program should accept or reject a database request and a data structure containing information about the request. Writing an exit program is extremely easy. They are essentially the same with the exception that exit point QIBM_QZDA_SQL2 provides a little more information. There are actually two SQL database server exit points: QIBM_QZDA_SQL1 and QIBM_QZDA_SQL2. Sometimes, therefore, these exit programs are referred to as security exits. (For example, perhaps only certain users are allowed to make ODBC or JDBC requests to the iSeries.) Based on the information passed, an exit program can decide whether or not the request should be allowed to run. ![]() Typically exit programs are used to implement various security restrictions based on this information. NET, etc.) It provides information such as the user making the request, the SQL statement text, the package name, the default SQL collection (library), and so forth. (All SQL requests incoming from another computer using JDBC, ODBC, OLE DB. The SQL database server exit point provides information to a user defined program about incoming SQL requests. Second, I’ll relate an experience of how the ability to use these exits creatively allowed me to avoid hours of time that would have been required to do some major re-coding of an application.įor those familiar with event driven programming, think of an exit point as a programmable event that occurs on the System i and an exit program as the code that is optionally defined to run when a specific event occurs. You can take the principles applied in the given example and apply them to a wide range of exit points available on the System i. In this article, I first want to discuss one particular exit point–the SQL database server exit–and illustrate how it can be used to make your System i more secure. This kind of versatility allows a developer to have fine-tuned control over a wide array of events on the system. Further, developers are allowed, via exit points, to create exit programs that interact with the system by responding to certain events that occur, such as when an FTP, SQL or Telnet request is made by a client application. ![]() One example of that power is the fact that developers can tap into many features of the OS within homegrown applications by using the provided Application Programming Interfaces (APIs). ![]() The System i platform has a powerful operating system, i5/OS. Get Creative Using the SQL Database Exit Point
0 Comments
Leave a Reply. |