Chapter Contents
Previous
Next
|
Chapter Contents |
Previous |
Next |
| Communications Access Methods for SAS/CONNECT and SAS/SHARE Software |
| Client Tasks |
User and Applications Programmer
To prepare for accessing a SAS/SHARE server, perform the following tasks:
| Configuring the Server in the SERVICES File |
Each server must be defined as a service in the SERVICES file on each host node from which a client session will access the server. This file usually is located in the directory in which the TCP/IP software is installed. See Configuring the SERVICES File for information about editing the SERVICES file.
| Setting Security for Connecting Clients |
Requiring connecting clients to supply a valid userid and password enforces server security. At the client, set the preferred security method for relaying a userid and password that are valid on the server host. For details, see Setting Security for SAS/CONNECT and SAS/SHARE.
| Specifying the TCP/IP Access Method |
Use the following syntax to specify the TCP/IP access method at each connecting client:
OPTIONS COMAMID=access-method-id;
where COMAMID is an acronym for Communications Access Method Identification. access-method-id identifies the method used by the server to communicate with the client. TCP (short for TCP/IP, which is an abbreviation for Transmission Control Protocol/Internet Protocol) is an example of an access-method-id.
Example:
options comamid=tcp;
The server is accessed using the TCP/IP access method.
You may specify the COMAMID option in an OPTIONS statement, at a SAS invocation, or in a SAS configuration file.
Additionally, you may use the COMAUX1 and COMAUX2 options to designate auxiliary communications access methods. See SAS/CONNECT: Valid Access Methods Between Hosts for the supported access methods by host. If the first method that is designated fails to access a server, the second method is attempted, and so on. You can specify up to two auxiliary access methods, depending on the number of access methods that are supported between client and server hosts.
COMAUX options can be specified only at a SAS invocation or in a SAS configuration file. The syntax for the COMAUX options follows:
COMAUX1=alternate-method COMAUX2=alternate-method
An example of configuration file entries for a CMS client connecting to a CMS server follows:
comamid=tcp comaux1=appc comaux2=iucv
If the server cannot be reached using the TCP/IP method, a second attempt is made with the APPC access method, and then with the IUCV access method.
| Specifying a Server Name |
If the client and server sessions are running on different network nodes, you must include the node name in the server identifier in the LIBNAME and PROC OPERATE statements as follows:
SERVER=node.server
This representation is known as a two-level server name.
node must be a valid TCP/IP node name. If the server and the client sessions are running on the same node, you may omit the node name.
server can represent either a server-id or a port number.
libname mylib '.' server=srvnode._ _5000;
If the TCP/IP node name is not a valid SAS name, you can assign the name of the server's node to a SAS macro variable. Use the name of the macro variable for node in the two-level server name.
The access method evaluates the node name, in this order of precedence:
The following example shows the assignment of a SAS macro variable to a server's node name:
%let srvnode=mktserve.acme.com; libname sales 'sasdata a' server=srvnode.server1;
Note: Do not use an ampersand
(&) in a two-level server name. An ampersand causes the macro variable
to be resolved by the SAS macro facility prior to syntactic evaluation of
the SERVER= option. The access method evaluates the node name in a two-level
server name. ![[cautionend]](../common/images/cautend.gif)
See SAS Language Reference: Dictionary for details about SAS naming rules. See SAS/SHARE User's Guide for details about the PROC OPERATE and LIBNAME statements.
| Client Example |
The following example illustrates the statements that you specify in a CMS client SAS session to access a server with the TCP/IP access method:
options comamid=tcp; libname sasdata 'sasdata a' user=_prompt_ server=rmtnode.share1;
The COMAMID option declares the TCP/IP access method. The LIBNAME statement specifies the data library that is accessed through the server (which is identified by the two-level server name RMTNODE.SHARE1) by means of a prompt for a username and a password that are valid on the server host.
| Server Tasks |
Server Administrator
To set up a secure server, perform the following tasks at the server:
Note: Optional tasks apply to setting up server security.
| Configuring the Server in the SERVICES File |
Each SAS/SHARE server must be defined as a service in the SERVICES file of each remote host node on which a server runs and on each node from which a user session accesses the server. This file is located in the directory in which TCP/IP software is installed.
Example:
server1 5010/tcp # SAS/SHARE server 1
See Configuring the SERVICES File for more information.
| Setting Server Security |
You may use file permissions to restrict a user's access to libraries and files through a server. A secure server allows connections only from those clients that provide valid userids and passwords for the host on which the server is running. A secure server uses a validated userid and password to verify a user's authority to access a SAS library or file.
Requiring connecting clients to supply a valid userid and password enforces server security. From a server session, set the TCPSEC variable to the value _SECURE_. See Providing Client Identification in a pre-Version 8 Session for more information.
| Enforcing Server Userid and Password Encryption |
As a security measure, you may set the AUTHENCR variable to enforce the encryption of userids and passwords when they are passed from the client to the server. See SAS/SHARE Only Variable for details about setting the AUTHENCR variable.
| Set User Authentication and Permissions for the Server |
Authentication and permissions are set by calling "user exits" and are supplied by the user. SAS provides several examples that can be used. Documentation for these exits is provided in the CMS Installation Guide.
| Specifying the TCP/IP Access Method |
You must specify the TCP/IP communications access method at the server before a client can access it.
Use the following syntax to specify the TCP/IP access method at the server:
OPTIONS COMAMID=access-method-id;
where COMAMID is an acronym for Communications Access Method Identification. access-method-id identifies the method used by the server to communicate with the client. TCP (short for TCP/IP, which is an abbreviation for Transmission Control Protocol/Internet Protocol) is an example of an access-method-id.
For a server that is running on a host on which only one communications access method is available, use only the COMAMID option.
Example:
options comamid=tcp;
The server will be available only to SAS/SHARE sessions that use the TCP/IP access method.
You may specify the COMAMID option in an OPTIONS statement, at a SAS invocation, or in a SAS configuration file.
However, if the host on which a server is running supports multiple access methods, you may specify up to two auxiliary access methods by which clients may access the server. See SAS/CONNECT and SAS/SHARE: Supported Access Methods According to Host Release for the supported access methods by host.
All of the access methods initialize when the server initializes. The activation of multiple access methods makes a server available to several groups of clients, each using a different communications access method simultaneously.
COMAUX options can be specified only at a SAS invocation or in a SAS configuration file. The syntax for the COMAUX options follows:
COMAUX1=alternate-method COMAUX2=alternate-method
An example of configuration file entries for a server that is running on a CMS host follows:
comamid=tcp comaux1=appc comaux2=iucv
When the server starts, all of the communications access methods are initialized. The server is simultaneously available to client sessions that use the TCP/IP access method as well as to clients that use the APPC and IUCV access methods.
| Specifying a Server Name |
You must specify the server name in the PROC SERVER statement. Use the following syntax:
SERVER=server
server can represent either a server-id or a port number.
libname mylib '.' server=_ _5000;
See SAS Language Reference: Dictionary for details about SAS naming rules. See SAS/SHARE User's Guide for details about the PROC SERVER statement.
| Server Example |
The following example illustrates the statements that you specify in a SAS session on the CMS host at which you start a server:
%let tcpsec=_secure_; options comamid=tcp; proc server id=share1 authenticate=req; run;
The value _SECURE_ for the TCPSEC macro variable requires clients to supply a valid server userid and password in order to allow client access to the server. The TCP/IP access method is declared and the server SHARE1 is started on the CMS host.
|
Chapter Contents |
Previous |
Next |
 Top of Page |
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.