Setting up Security for External Access

The Reality components listed below all connect via server programs. Any Reality user-ids used to log in via these components must be set up to provide the required access.

Note: On UNIX systems, each Reality user-id used for remote access must have a corresponding UNIX user-id and the UNIX password must be used when connecting – see Differences between UNIX and Windows.

RealWeb

Log on to the SYSMAN account and run SSM. Then do the following:

Use SSM option 2 to set up a user-id that will be used to access RealWeb. Set the status (field 13) to ’E’ (enabled) and the type (field 14) to ‘S’ or ‘*’ so that it can be used as a server.
Use SSM option 3 to configure the security profiles associated with this user-id, setting field 8 to specify an alternative security profile to be used when logged in via the RealWeb server, RWSRVR. You can specify DEFAULT.REALWEB as this alternative profile, or you can set up a new security profile, based upon DEFAULT.REALWEB, to be used with the RealWeb user-id.

If you create your own alternative profile, it must have option 23 (Remote Basic) set to R (restricted), and specify the file REALWEB.SECURITY. This file is created when you use SETUP-ACCOUNT to add RealWeb to an account, and is automatically maintained by the system. You can add your own RealWeb subroutines to this file if required (see Restricted Access Lookup File).

Web Services

Each user-id that is used by Reality Web Services must be set up as follows:

Set the status (field 13) to ’E’ (enabled) and the type (field 14) to ‘S’ or ‘*’ so that it can be used as a server.
The user-id's associated security profile (option 12) must specify an alternative profile for the WEBSRVR server (see Define Security Profiles, option 8). A default security profile called DEFAULT.WEBACCESS is provided for this purpose, or you can create your own alternate profile.

If you create an alternative profile, it must have option 23 (Remote Basic) set to R (restricted), and specify the file WEBACCESS.SECURITY. This file is created when you use SETUP-ACCOUNT to add WEBACCESS to an account, and is automatically maintained by the system. You can add your own subroutines to this file if required (see Restricted Access Lookup File).

Remote Basic (JReal and Remote Basic ActiveX Control)

To call a Remote Basic subroutine using JReal or the Remote Basic ActiveX Control, you must establish a connection to an account on a Reality database – you will need to use a user-id that has been set up as follows.

Log on to the SYSMAN account and run SSM. Then do the following:

Use SSM option 3 to create a security profile to be used with the Remote Basic server. It is recommended that this profile should have field 23 (Remote Basic) set to R (restricted); you must also specify a file in which the subroutines that can be called remotely are listed (see Restricted Access Lookup File).
Use SSM option 2 to set up a user-id that will be used to access your Remote Basic subroutines. Set the status (field 13) to ’E’ (enabled) and the type (field 14) to ‘S’ or ‘*’ (so that it can be used as a server).
Use SSM option 3 to configure the security profile associated with the user-id you have created, setting field 8 (Alt Server Profiles) to specify that the Remote Basic server (RBSRVR) should use the security profile you created in step 1.

RealEdit

Each user-id that allows connection via RealEdit must be set up as follows:

Allow operation in server mode (option 14 = S or *).
The user-id's associated security profile (option 12) must specify an alternative profile for the EXPSRVR server (see Define Security Profiles, option 8). A default security profile called DEFAULT.EXPLORER is provided for this purpose, or you can create your own alternate profile.

The alternate profile must have option 23 (Remote Basic) set to R (restricted) and specify the file EXPLORER.SECURITY (see Restricted Access Lookup File). This file is created when you use SETUP-ACCOUNT to add RealEdit to an account, and is automatically maintained by the system.

Note: You should not change the contents of the EXPLORER.SECURITY file.

SQL for Reality

Each user-id that is used by SQL for Reality must be set up to allow operation in server mode (option 14 = S or *).