Support User Manuals

IBM GC28-1920-01 Server User Manual

Open as PDF

of 110

Chapter 10. Application Development Considerations

Application development is the process of planning, designing, and coding

application programs that invoke RACF functions. This section highlights new

support that might affect application development procedures:

 Year 2000 support

 OS/390 OpenEdition DCE Application Servers

 Changes to the class descriptor table

 Programming interfaces

Year 2000 Support

RACF provides a date conversion routine, IRRDCR00. Programs can call

IRRDCR00 to convert a RACF 3-byte packed decimal date in the form

yyddd

F into

a 4-byte packed decimal date in the form

ccyyddd

F, where

cc

is 00 for dates in the

range 1971-1999 and 01 for dates in the range 2000-2070. The routine returns a

date in the form:

00

yyddd

F if

yy

is 71 or higher

01

yyddd

F if

yy

is less than 71

For more information on IRRDCR00, see

OS/390 Security Server (RACF) Macros

and Interfaces

.

OS/390 OpenEdition DCE Application Servers

OS/390 OpenEdition has two fundamental types of application servers:

 Multithreaded applications

 Single threaded applications

A

multithreaded

application has multiple sequential flows of control. In a

multithreaded application, more than one unit of work at a time is processed by the

server application.

A

single threaded

application has one sequential flow of control. In a single

threaded application, one unit of work is processed at a time by the application

server.

OS/390 OpenEdition provides an S/390 assembler callable service, the

pthread_security_np service, and support through the C run time library. This

support enables

unauthorized

(the term

unauthorized

refers to applications that are

not APF-authorized and do not run in supervisor state or in a system storage

protection key) multithreaded applications to create and delete a RACF ACEE, in a

fashion that is mediated and controlled by the MVS OpenEdition kernel and RACF.

The pthread_security_np service enables multithreaded applications to customize

the security environment of a thread, meaning that the thread can execute under a

different RACF identity than the server. If the server customizes the thread initiated

for the client with the client's RACF identity, any resource access decisions to MVS

RACF-protected resources are made using the client's RACF identity and

authorizations.

 Copyright IBM Corp. 1994, 1996 51

previous next