Manage Learn to apply best practices and optimize your operations.

Securing a Java application

I have a Java application that calls iSeries commands. The user that's using the application needs LMTCPB *NO. The Java class imports the com.ibm.as400.access* from the jt400ntv.jar and then it creates the CommandCall class to call iSeries commands (CHGLIBL, CHGCURLIB, ADDLIBLE, CHGDTAARA, etc.). How can I avoid giving the user LMTCPB *NO? Also, do you know of another way to call iSeries commands?
The CommandCall class must be making a call to the OS/400 interface that processes CL commands. Anytime this interface is used, the limited capability of the user will be checked. You have a couple of options, you can change the Allow limited user attribute of selected commands (using the CHGCMD command) to allow the commands to be run by a limited capability user. (The default is to not allow the command to be run by a limited capability user.) Or, you can use an interface, such as REXEC that does not check the limited capability parameter.


The Best Web Links: tips, tutorials and more.

Search400's targeted search engine: Get relevant information on security.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Check out this Search400.com Featured Topic: Top ten security tips

Dig Deeper on iSeries system and application security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.