Issue:
Customer wants to run the Web Services Employee Demonstration query using OCF as illustrated in the Web Services for CA IDMS User Guide, release 19.0.0.2. The query is
SELECT * FROM DEMOEMPL.IDMSCONP
WHERE EMP_ID = '0472' AND
IP_ADDRESS = ‘127.0.0.1
AND CV_PORT = 3800
AND DBNAME = 'SYSDICT'
AND USER_ID_BIN = 'USERA'
AND PASSWORD_BIN = 'password’;
This query failed with error message
DB347012 V5994 T696 Security Violation: user=*UNKNOWN* subschema=EMPSS01 dbname=SYSDICT program=
The IDMS Central Version is secured : Signon, TASK and Database security is active via Internal Security.
Environment:
19.0, Incremental Release 2 (INC02/IR2)
Cause:
This problem happens when the query is executed in a secured CA IDMS Central Version and CA IDMS Web Services has not been informed to do a signon.
Resolution:
1. Make sure that the user ‘USERA’ has all necessary authorities to access the involved database(s).
2. Make sure that the LWEBSERV task is unsecured :
a) by adding a TASK entry in your RHDCSRTT source to turn security off :
#SECRTT TYPE=OCCUR,RESNAME='LWEBSERV', X
RESTYPE=TASK,SECBY=OFF
b) or, by adding the LWEBSERV Task into a Resource Category which has EXECUTE authority being granted to PUBLIC.
Additional note :
The LWEBSERV task must be unsecured. If the task is secured (and even if your userid has the necessary
authorities to execute the task), then the query will fail with this message :
DC021102 V67 SECUIRITY VIOLATION BY USER ***. ACCESS TO RESOURCE LWEBSERV DENIED.
3. Within a secured CA IDMS Central Version, you need to inform CA IDMS Web Services to issue a signon when executing
these queries.
This can be done by running the task WSQP with parameter “REQUIRE SIGNON=YES”, before executing the queries.
The WSQP task stores the configuration settings in a queue record called IDMSWS-VER2. This task calls program
RHDCWSQL to load the updated queue into storage ID WSV2.
During startup, the WSQL task is started automatically, to read the IDMSWS-VER2 queue and load it into a shared
storage with ID WSV2. It writes the following message into the IDMS log :
DC503300 V67 T25 RHDCWSQL *** IDMS WEB SERVICES STORAGE ALLOCATED.
4. Make sure to include the userid AND password in the query, by means of the USER_ID_BIN and PASSWORD_BIN columns.
Example : See the Select statement shown above.
Additional Information:
More information about CA IDMS Web Services can be found in the Web Services for CA IDMS User Guide, release 19.0.0.2.
Details about the WSQP task are described in Chapter 2: Installation, Configuration, and Usage Considerations, section Product Configuration.