CL Programming

Security Considerations for Objects

When the system accesses an object that you refer to, it checks to determine if you are authorized to use the object and to use it in the way you are requesting. Generally, you must be authorized at two levels:

Object authority is controlled by the system's security functions, which include the following:

The Security - Reference Link to PDF book explains in detail the types of authority that can be granted for an object and what authority a user needs to perform a function on that object. Authority that can be granted for libraries is discussed under Specifying Authority for Libraries.

Special considerations apply when writing a program that must be secure (for example, a program that adopts the security officer's user profile). See the Security - Reference Link to PDF book for information about writing these programs.

Display Audit Journal Entries (DSPAUDJRNE) Command

The Display Audit Journal Entries (DSPAUDJRNE) command allows you to generate security journal audit reports. The reports are based on the audit entry types and the user profile that are specified on the command. You can limit reports to specific time frames, and you can search detached journal receivers. You can direct these reports to the active display or an output queue.

RESTRICTIONS:
You must have *ALLOBJ and *AUDIT authorities to use this command.

Refer to online help to see the parameter and value descriptions for this command.


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]