Easysoft SQI-Zortec System Z Driver User Guide - Administration
Using the Easysoft Web Administrator
This section describes how to create and grant user access permissions to your data using the Easysoft Web Administrator provided with the Easysoft SQI-Zortec System Z Driver.
The Web Administrator utility allows you to limit the access that people have to your data by creating users for a data source and specifying their access rights to the data within that data source.
This allows individual users to be prevented from editing, deleting or viewing certain files.
Starting the Web Administrator
To run the Web Administrator it is necessary to start the Web Administrator server and then connect to it from a web browser.
Follow the instructions in the appropriate platform box to start the server:
1. Select Start > Programs > Easysoft > Easysoft Data Access for Zortec System Z > Web Administration Server.
The Web Administrator starts up in a minimized DOS session. The port at which the server is listening is displayed in this DOS window. The default port is 8454.
1. Log onto your machine as root.
2. Change into the <InstallDir>/easysoft/sqi/systemz directory.
Accept the default port (8454) or specify another unused port.
Run a Web browser on the machine from where you want to manage your users, and go to http://server:8454 (where server is the name or IP address of the machine on which the Easysoft SQI-Zortec System Z Driver is installed and 8454 is the port at which the Web Administrator is listening).
For example, if the Web Adminstrator is running on the local machine, type:
The main screen of the Web Administrator displays a list of the data sources which have been configured for use with the Easysoft SQI-Zortec System Z Driver:
Figure 20: The main Web Administrator screen
During installation, if you did not specify the file locations needed to link to your System Z data, and you have not specified them since, any attempt to work with a SYSTEMZ data source will produce an error. See "Unix odbc.ini settings" on page 69 for details of the attributes you need to set to configure the data source.
If you ever need to stop the Web Administrator:
- Windows users should close the DOS window in which the server is running.
- Unix users should log on as root, change into the <InstallDir>/easysoft/sqi/systemz/bin directory and run ./stop_http.sh.
The Web Administrator should only ever need to be restarted if the server fails or if it is to be run from another port.
Sufficient permissions are required in order to stop the Web Administrator (i.e. users other than root can only stop processes they started). Also, in Unix (especially) file permissions dictate who can change the schema files where the users and privileges are stored.
Logging on to the Web Administrator
To create users and specify their rights, you must log on to the Web Administrator as the top level user (known as the database owner) and enter the password for that user.
You are required to log on when you click Users or Access Rights for the first time in a Web Administrator session, and again if you select a different data source or change the password of the database owner.
When asked to log on for the first time, enter a user name of dboand password of easysoft, but once logged on, the password of the database owner must be changed immediately:
1. Click Users to display a list of users.
Only the dbo user is set up by default.
2. Enter a new dbo password in the Password box and the old dbo password in the Old Password box.
The old password must be entered for the new password to take effect.
3. Click Submit to save the new dbo password.
Adding Users explains how to add other users so that their access to the ISAM data can be restricted.
The database owner sees all tables that contain System Z data within the Web Administrator, irrespective of their own synonym settings.
To add users:
1. Log on to the Web Administrator as described in Logging on to the Web Administrator.
You must log on as the dbo user if you have not already done so.
2. Click Users
3. Select the data source for which you want to create users.
Any users already set up for this data source are listed on the page. The last row in the list of users is blank, which is where the details are entered to add a new user.
Click Refresh whenever you select a different data source to ensure that you are viewing the correct list of users for that data source.
4. To add a user, type a name in the empty User box.
5. Enter a synonym.val file and/or password for the user if required:
- a synonym.val file contains a user-specific list of synonyms in the System Z data, and can either be specified here or as an attribute of the data source (any synonyms specified here override any specified as an attribute of the data source).
- a password provides additional security against unauthorized access to the selected data source.
6. Click Submit to create the user:
Figure 21: Adding users in the Web Administrator
By default, new users do not have access to any tables in the selected data source.
To find out how to enable privileges for a user see Specifying user access rights.
When you have enabled a user, you must inform the user of their user name and password (if any) because they will need to enter these details when setting up a data source to connect to the System Z data.
Where the user enters these details depends on how they are connecting to the data, as the user name and password may be entered either as part of the data source configuration during set up or via an application dialog box at run time.
To configure the data source:
- when connecting to local data on a Windows NT machine, the user needs to enter these details on the Easysoft Data Access for Zortec System Z DSN dialog box
- when connecting to local data on a Unix machine, the user needs to enter these details in the appropriate DSN section in odbc.ini
- when using an Easysoft ODBC-ODBC Bridge client on Windows NT to connect to data on a Unix server, the user must enter these details on the Easysoft ODBC-ODBC Bridge DSN dialog box that they complete to connect to the data source.
The user name and password are case-sensitive, so ensure that you give your users these details in the correct case.
Modifying and removing users
You can change a user's synonym.val file and/or password and delete users to permanently remove their access to the database.
To modify or remove a user:
1. Log in to the Web Administrator as described earlier.
2. Click Users.
3. Select the data source whose users you want to modify or delete, then click Refresh to ensure that you are viewing the users for that data source.
4. Edit the details in the Synonym File or Password box for the appropriate user then click Submit to confirm your changes.
5. To delete a user, click the Delete box for that user (the box contains an X when it is selected), then click Submit. The user is removed from the list on this page.
Specifying user access rights
Once you have created a user for a System Z data source, you can choose which data source tables that user has access to and whether they have select, insert, update or delete access to each table.
To grant a user access to specific data source tables:
1. Log in to the Web Administrator as described earlier.
2. Click Access Rights.
3. Choose the data source for which you are granting access. Click Refresh to ensure that the correct list of users is displayed.
4. Choose the user for whom you want to grant access (choose the Public user to specify the same rights for all users).
5. Click Refresh to ensure that the correct permissions are displayed for this user.
All the tables in the selected data source are listed, and the current user's rights to those tables are shown.
6. To grant the user all rights to all tables, click Grant All.
7. To remove all the user's rights to all tables, click Revoke All.
8. To grant specific rights to specific tables, select or deselect the appropriate boxes and click Submit Selection to apply the changes.
For example, to give a user read-only access to all the tables in the data source, click Revoke All to remove all their rights, then click the Select box for each table (these boxes contain an X when they are selected) and apply the changes by clicking Submit Selection.
In The Web Administrator user access rights screen, user test has SELECT access for all four tables in the data source, INSERT access to the Supplier table, and UPDATE and DELETE access to the Product table:
Figure 22: The Web Administrator user access rights screen