
	Home > AS/400 Tips > iSeries programmer tips > Adding security to FTP and the QUOTE RCMD command

iSeries 400 Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

ISERIES PROGRAMMER TIPS

Adding security to FTP and the QUOTE RCMD command

Jim Townsend
07.19.2001
Rating: -4.00- (out of 5) Hall of fame tip of the month winner

Digg This!

StumbleUpon

Del.icio.us

For security reasons all of our files /commands etc. have the authority of *PUBLIC = *EXCLUDE.

This can cause a problem when using FTP, often you wish that the person sending or receiving the file would also execute a command.

What we have done is set up a command on the AS/400 that will submit a job on the job scheduler. The job on the job scheduler will then submit the command under a generic user profile that has authority to all the commands and files.

The FTP user submits a command such as: QUOTE RCMD CLRMYFILE.

The command on the AS/400 will execute a CL program CLRMYFILE, which will submit a job from the job scheduler, which will clear a file after it has been picked up by the user.

The CL will look like this:

             PGM
    SBMJOBJS   JOB(CLRMYFILE) TIME(*IMMED)  +
                  LOG(4 00 *SECLVL) LOGCLPGM(*YES)

            RETURN
            ENDPGM

On the job scheduler you would create the job entry and enter the CLRPFM command for the file the user needs to clear.

Use option 2 and page down until you see this screen and enter the user ID that you want the job to run under.

 
   -------------------------Submission Information--------------------- 
                                                                                
   Job description  . . . . . . .   *USRPRF       Name, *USRPRF, *JOBCTL        
     Library  . . . . . . . . . .                 Name, *LIBL, *CURLIB          
   Job queue  . . . . . . . . . .   *JOBCTL       Name, *JOBD, *JOBCTL          
     Library  . . . . . . . . . .                 Name, *LIBL, *CURLIB          
   Job priority (on JOBQ) . . . .   *JOBCTL       1-9, *JOBD, *JOBCTL           
   Output priority (on OUTQ)  . .   *JOBCTL       1-9, *JOBD, *JOBCTL           
   Print device . . . . . . . . .   *JOBCTL       Name, *USRPRF, *SYSVAL...     
   Output queue . . . . . . . . .   *JOBCTL       Name, *JOBD, *USRPRF, *DEV... 
     Library  . . . . . . . . . .                 Name, *LIBL, *CURLIB          
   User . . . . . . . . . . . . .   GENERIC       Name, *JOBD, *CURRENT...      
   Print text . . . . . . . . . .   *JOBCTL                                     
   Routing data . . . . . . . . .   *JOBCTL

This way the user can only clear the file you want him/her to clear.

We also use this method to submit job processing after a user has sent us as file such as updates to a table. This way we do not need trigger files or never ending programs. When we get the file it is processed.

You have to make sure that when using this security you grant authority for the user to the library, the file and the command.

Rate this Tip
To rate tips, you must be a member of Search400.com. Register now to start rating these tips. Log in if you are already a member.
Submit a Tip

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	iSeries programmer tips
	Enhancing RPG with external SQL stored procedures
	Tracking data changes on IBM i with triggers
	Introduction to SQLRPGLE on IBM i: Making a report
	Implementing a browser interface in COBOL: Displaying database fields
	Taking advantage of CL advancements, starting with V5R3
	TAATOOL: Useful tools for programmers on IBM i
	Implementing a browser interface in COBOL: Creating your graphic Web page
	Implementing a browser interface in COBOL: Getting started
	Making the most of RPG data handling on IBM i
	Groovy programming on IBM i

FTP

How to view source files in the library

Simplify the process of converting a spool file from iSeries into an Excel spreadsheet

Generically send a text file from the IFS via FTP

Automate Client Access to find files on Windows scheduler

SAVF by FTP on AS/400 -- error "source file not found"

Use a virtual directory to move a .bmp file from the IFS to a remote server

Transferring binary files to IFS from a PC via FTP

FTP from AS/400 to PC folder

How to FTP without knowing the file name

IFS folder error

iSeries system and application security

Developing a security incident response system for System i

Setting up security for programmers on IBM i

Blocking AS/400 DB2 users

Trouble accessing IFS path from Win2k3 server

Checking in on your IBM i authorization lists

Strategies for securing IBM i production files

Changing password security levels and upgrading operating systems on the IBM i

Determine the value of parameter UPPWEI in the DSPUSRPRF field

Define journal code value "K"

Modify content within a journal receiver file

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

midrange (Search400.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

iSeries Security - Security Tools, Physical Security and System Security

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 1999 - 2009, TechTarget \| Read our Privacy Policy