IBM GC28-1920-01 Server User Manual


 
Chapter 10. Application Development Considerations
Application development is the process of planning, designing, and coding
application programs that invoke RACF functions. This section highlights new
support that might affect application development procedures:
Year 2000 support
OS/390 OpenEdition DCE Application Servers
Changes to the class descriptor table
Programming interfaces
Year 2000 Support
RACF provides a date conversion routine, IRRDCR00. Programs can call
IRRDCR00 to convert a RACF 3-byte packed decimal date in the form
yyddd
F into
a 4-byte packed decimal date in the form
ccyyddd
F, where
cc
is 00 for dates in the
range 1971-1999 and 01 for dates in the range 2000-2070. The routine returns a
date in the form:
00
yyddd
F if
yy
is 71 or higher
01
yyddd
F if
yy
is less than 71
For more information on IRRDCR00, see
OS/390 Security Server (RACF) Macros
and Interfaces
.
OS/390 OpenEdition DCE Application Servers
OS/390 OpenEdition has two fundamental types of application servers:
Multithreaded applications
Single threaded applications
A
multithreaded
application has multiple sequential flows of control. In a
multithreaded application, more than one unit of work at a time is processed by the
server application.
A
single threaded
application has one sequential flow of control. In a single
threaded application, one unit of work is processed at a time by the application
server.
OS/390 OpenEdition provides an S/390 assembler callable service, the
pthread_security_np service, and support through the C run time library. This
support enables
unauthorized
(the term
unauthorized
refers to applications that are
not APF-authorized and do not run in supervisor state or in a system storage
protection key) multithreaded applications to create and delete a RACF ACEE, in a
fashion that is mediated and controlled by the MVS OpenEdition kernel and RACF.
The pthread_security_np service enables multithreaded applications to customize
the security environment of a thread, meaning that the thread can execute under a
different RACF identity than the server. If the server customizes the thread initiated
for the client with the client's RACF identity, any resource access decisions to MVS
RACF-protected resources are made using the client's RACF identity and
authorizations.
Copyright IBM Corp. 1994, 1996 51