Power-Programmierung

home *** CD-ROM | disk | FTP | other *** search

/ Power-Programmierung / CD1.mdf / clarion / tools / tam2_5 / tam2.doc < prev next >

Wrap

Text File | 1991-12-31 | 51KB | 886 lines

"THE" ACCESS MANAGER II (Tam2) ============================== BY GAFFT SYSTEMS Inc. 619 Milwaukee Av - Suite 27 Glenview, Il 60025 01/01/92 1. What is Tam2 ? Over the past several years, while developing custom business systems for our clients, we found ourselves constantly writing and tailoring MENUing and access control FRONT ENDs to customize and integrate our applications with their existing ones. Our customers were always asking for a single ACCESS CONTROL SYSTEM to manage all their applications not just ours. This, obviously, was not very productive, we spent a significant amount of time just to get the colors to match their Company colors, not to mention the maintenance problems caused by the different versions of an essentially same program. We finally decided to address this by developing ONE access control program that would meet at minimum 80% of our clients requirements. After some tinkering, a new system was born at our organization that quickly became our foundation for future application development, we named it "The" Access Manager, TAM for short. Within a few months we moved the majority of our clients to this system with minimum impact to them and their business. Our technical support service levels increased significantly and our maintenance problems went away due to the standardization we had achieved. We also discovered that the system exceeded the 80% target, and by adding a few additional features, we were able to meet 100% of our clients requirements with just one set of programs. Impressed by this achievement, we decided to take the time to polish and package the product, and make it available to other CLARION, or otherwise, developers, systems integrators, consultants, etc..., who may be experiencing similar minor problems. Once packaged we named it "The" Access Manager II, or Tam2. We are currently in the planning stage of "The" Access Manager Deluxe (TamD), a "deluxe" version of Tam2 that will add various multiuser desktop facilities such as calendar, calculator, dialer,... Registered Tam2 users will be notified automatically when this new version becomes available. 2. OK, but what is it ? In a nutshell, Tam2, is the best, most complete, easy to use, no non- sense, network ready, integrated access control and menuing system available to CLARION application developers, integrators, and network administrators. It offers more "real" options and functionallity then the Tam2.Doc - Pg 1 most popular "off the shelf" MENUing program: - Network Operating System independent, works with many DOS based networks or multiuser systems. - Dynamically built menus and SUB MENUS. Options are only displayed if the signed on user's security level permits - Uses user specified QUICK/HOT keys to make selections, or move highlight bar to desired choice and press Enter - Prevent Exit to DOS by unauthorized users - Prevents multiple user sessions/logons - Network/Multi user Ready, Tested on a number of DOS based networks - No RAM overhead, requires 0K to run - User configurable; select colors, options, passwords... - All users Must Sign-On to access applications. Every user must be defined to the system and have a user id and password. - Separate modules allows for distribution of only the required functions to end users. - If desired, prevent users from accessing the system from un- authorized workstations. - Run Time Prompter, prompts for parameters at run time - Automatic LOGOFF after specified inactive time expires - When activated, creates audit trails of all accesses - Control Access to internal CLARION programs and procedures, SEE the section titled "Protected Program Procedures" for more information regarding this facility - User selectable Security Filters. Security Filters are used to determine if an option is to be listed on a MENU or SUB MENU for the currently SIGNED ON user. - HELP for every screen at the tap of F1 - BEST OF ALL ITS FREE and the source code is available to developers that want to improve or change the programs for their specific needs. And a lot more, MUST TRY IT TO BELIEVE IT. 3. How to install it VERY IMPORTANT All Tam2 executables were compiled/linked using CLARION version 2108A translator utility. To reduce the size of the distribution files the CLARION start-up code was not included (use RTL: YES). This means that none of the programs will work unless the files CLARION.RTL and RTLINKST.COM can be found along your DOS PATH. If you do not have access to these files, please let us know and we will provide you a version that wont require them. Also make sure that FILES=25 (or more) in included in your CONFIG.SYS. Installation can be very easy or relatively easy depending on your expected use. Follow these steps and don't be intimidated, I think I over did it with all these instructions. Most of you will zip right thru this: 1. Create a directory to store the Tam2 files and make it the current directory. Ex: MD \TAM2; CD \TAM2 2. De-Archive all files from the distribution disk to the new Tam2.Doc - Pg 2 directory. 3. Enter "MENU" from the DOS Prompt. This will display a SYSTEM SIGN-ON Screen. Sign on to the system using "GAFFT" as the USER ID and PASSWORD. "GAFFT" is used as the password for all other screens that may request a password. Of course you'll want to change this later. NOTE: if you used a different directory above you'll need to edit the statement set TAM2CFG=\tam2 in the MENU.BAT file to reflect your drive/directory. Menu.bat is and must remain a READ ONLY file (Help and EXE files should also remain READ ONLY). See the section "Configure Tam2" later in this document for more info. 4. Tam2's MAIN MENU will be displayed, Use F1 to familiarize yourself with the system if necessary. Option 1 on this menu is 'Tam2 Maintenance', Select this option. A SUB MENU will be displayed that contains two Options: 1) Configure Tam2 - Set Up Default colors, title, logging ... 2) Tam2 Administration - Add/Change/Delete users, stations,... 5. Use these programs to customize Tam2 to meet your needs or those of your users. See the sections "Configure Tam2" and "Administer Tam2" later in this document for more information or use the HELP screens by pressing F1. Briefly, use #1 to setup overall defaults, use #2 to maintain users, menu & sub menu options, stations, .... NOTE: As distributed, Tam2 contains some test users, options, etc... You may want to experiment with it a little and then delete it for a clean start. 6. Modify the autoexec.bat file. or other startup files, for each of your users so that the last statement in the file executes the batch file MENU.BAT in the Tam2 directory. VERY IMPORTANT: The file MENU.BAT is very critical to TAM2. For TAM2 Menu program to execute properly, this file must be located in a directory along the PATH. Alternatively, you can add the TAM2 directory to the PATH statement of every workstation and leave the MENU.BAT file in the TAM2 Directory. Once you've read this document and experimented for a few minutes, I'm sure you'll be able to determine what's best for your environment. Remember that TAM2 Menu program will execute the command "MENU" after executing a menu choice to reload its self. MENU.BAT is and must remain a READ ONLY File, if it isn't you will experience 'Sharing Violations' (this is only true if multiple users are sharing the same menu.bat file). Contents of Tam2 Directory: To provide a better understanding of TAM2, the following explains the purpose of each file, after unZipping, in the TAM2 directory: MENU.BAT Required, must be READ ONLY. Invokes TAM2.EXE. TAM2.CFG Stores default configuration information used by Tam2.exe and Tam2_adm.exe programs. TAM2.EXE Tam2 Menu and Access Control Program Tam2.Doc - Pg 3 TAM2_ADM.EXE Tam2 Administration program, maintain users, menus... TAM2.HLP Help file for both programs above. Must be located in same directory as the DATA FILES below, current directory or a directory along the DOS PATH. TAM2_CFG.EXE Tam2 configuration program. Select colors, title... TAM2_CFG.HLP Help file for above program. Store in PATH or Curr Dir MNU_ITEM.DAT Stores all the MAIN MENU Options MNU_ITEM.K01 Key file for MAIN MENU data file MNU_ITEM.K02 Key file for MAIN MENU data files SUB_ITEM.DAT Stores SUB MENU Options and their Actions SUB_ITEM.K01 Key file for SUB MENU data file SUB_ITEM.K02 Key file for SUB MENU data file USER.DAT Stores all the users authorized to use Tam2 USER.K01 Key file for USER data file USER.K02 Key file for USER data file STATION.DAT Stores all the workstations authorized to access Tam2 STATION.K01 Key file for STATION data file USER_STA.DAT Stores the stations a user can use to access Tam2 USER_STA.K01 Key file for USER_STA data file LOG.DAT Audit Tail Data File. Stores every access when enabled. LOG.I01 Index files created only when printing the audit trail LOG.I02 reports. One sorts by user id and the other by date. SECUTIL2.ZIP A set of BBS utilities (3), that when used along with Tam2, will significantly reduce un-authorized access to your system. TAM2_PPP.EXE Program to add/change Program procedures controlled by TAM2 access control facilities. PPP.HLP Help file for Tam2_ppp.exe PROGPROC.DAT Stores program procedures that TAM2 should control PROGPROC.K01 Key file for PROGPROC data file PPP_DEMO.EXE Demo that uses TAM2 to control access to its internal procedures SALE_DTL.DAT Data file used by PPP_DEMO.EXE PRODUCTS.DAT Data file used by PPP_DEMO.EXE SALE_DTL.K01 Key file used by PPP_DEMO.EXE PRODUCTS.K01 Key file used by PPP_DEMO.EXE PRODUCTS.K02 Key file used by PPP_DEMO.EXE SEE the section titled "Protected Program Procedures" for more information regarding this PPP business. 4. Configure Tam2: Use the program Tam2_cfg.exe to setup the overall defaults that all other Tam2 programs use. This program, which can be executed at the dos prompt Tam2.Doc - Pg 4 or added to the Tam2 Menu as an option (as it is at distribution time), is used to create or change the configuration information for Tam2, this file is named TAM2.CFG. Tam2 programs use this file to find out various settings at run time. Multiple configuration files can exist on a system, Tam2 determines which one to use in the following order: 1. Use the one pointed to by the environment variable TAM2CFG. The MENU.BAT file on the distribution diskette contains the command "set TAM2CFG=\tam2". This will force TAM2 programs to initially use the defaults set by us. If you used a directory other then TAM2, you will need to change this line to reflect your directory name. 2. If TAM2CFG is not found in the DOS environment, Use the one in the current directory. 3. If one is not yet found, looks along the DOS PATH and uses the first one it finds. Abort with an error message if one is not found, and accessible. Halt the system if this occurs while running Tam2 MENU program. The first screen that Tam2_cfg.exe displays asks for the drive and directory of the configuration file you want to create or change. Again if you are following the installation, press enter to accept the defaults. The next screen is used to select your preferences. The most critical part of this screen is the DATA FILES DRIVES and DATA FILES PATH. This is where you tell Tam2 where the data files are or will be stored. Note that the data files and configuration files do not need to be stored in the same directory. Data files in this context are the files containing the USER, MENU, SUB MENU, STATION,.. information. Tam2 programs make no assumptions as to where these files are stored. It will always look in these fields to find out which files to use for a session. YOU'LL LEARN TO APPRECIATE THIS ONCE YOU BEGIN TO CAPITALIZE ON THE FLEXIBILITY THIS OFFERS. The other information stored in the configuration file is: - The title to display on top of every screen - The amount of inactive time allowed prior to automatically LOGOFF a user. - The password required to access the DOS prompt or to access the Administration program. No entry or spaces means NOT required, allow access to anyone. - Whether Updating the MENU Options is allowed in the administration program or NOT. This is useful when you have different level of end users and you don't want lower level users to mess things up. - Whether Updating the Protected Programs Procedures is allowed in the administration program or not. See the section "Protected Program Procedures" for more info on this topic. - Whether logging is enabled or disabled - Customize the colors of the MENU programs - Printer type. This is informational only. NOTE: HELP is available in all Tam2 Screens/Fields by Pressing F1. These functions were kept separate to offer more flexibility to the developers or system integrators. One may opt to not distribute this program to his/her clients thus giving the impression that the program was custom developed for them (I know this sounds silly, but...). An other reason to not distribute this program is to keep your users from messing Tam2.Doc - Pg 5 things up, making it hard for you to provide technical support, this turned out to be very handy for us. In any event, the choice is yours. 5. Administer Tam2: To effectively manage any multiuser system a System Administrator is a must and, as we discovered, most organization have a person in playing that role. This person's responsibilities may be as simple as loading paper in the printer or as complex as loading new network operating system on servers, etc... In some cases, it is YOU, the developer or integrator who plays this role. The fact is that every organization has one. With this in mind, the program Tam2_Adm.EXE, which can be executed from the command line or added to the MENU as an option (as is the case at distribution time), is provided to assist a system administrator in managing a generic multiuser system (GENERIC in this context implies operating system independence). NOTE THAT EVERY FIELD ON THESE SCREENS CONTAIN CONTEXT HELP THAT DESCRIBES THE PURPOSE OF EVERY FIELD. USE F1 TO ACCESS THE HELP SCREENS. TAM2_ADM main functions are: MENU MAINTENANCE Use this option to ADD/CHANGE/DELETE items/options to Tam2 Main Menu or Sub Menus. When selected, a table containing all the MAIN MENU options is displayed. Use the Ins, Enter, or Del keys to add/change/delete items from the main menu. Menu items do not have actions associated with them but rather they have a SUB MENU. To access the Sub Menu for a particular item move the selector bar with the cursor keys to the desired choice and press F10. An other table is displayed which list the SUB MENU Items associated to it. Use the same keys as above to update this list. This is where ACTIONS are associated to an item/option. Also, note that every MAIN MENU or SUB MENU item has a SECURITY LEVEL associated with it. Tam2 Menu programs use these fields to determine if the currently signed on user should have access to this item. The item is NOT included/displayed on the MAIN/SUB MENU if this security check fails. See "Controlling Access to Applications" later in this section for more information on this topic. Actions, as stated above, are entered when a SUB MENU item is created. In other words you must tell TAM2 what to do when an option is selected when ever a SUB MENU ITEM is created. An action is usually the name of a program or batch file. It is also possible to tell Tam2 to execute an internal command by prefixing the command with a "@". Additionally, a "?" in the first position of any of the action fields (RUN FILE NAME.EXT, DRIVE, PATH, PARMS...) causes Tam2 to PROMPT for this value at run time. REMEMBER that if a MAIN MENU item/option has only ONE SUB MENU item/option, the sub menu is not displayed at run time. Execution of the associated action is initiated by the MAIN MENU program. Tam2.Doc - Pg 6 VERY IMPORTANT: This option will not appear on Tam2_Adm.exe main menu if "N" was entered in the field ALLOW MENU MAINTENANCE when configuring TAM2 with Tam2_Cfg.exe program. This allows distribution of Tam2_adm.exe to user but prevents some potential problems. USER MAINTENANCE Use this option to Add/Change/Delete Users to the system. Upon Selecting this option the program displays a list of all the currently defined users. Use the same basics as above to update it, Ins to ADD, Del to DELETE, ect... To access the Tam2 system a user must SIGN-ON with a user-id and password. Further Tam2 Menu programs will only display the options that the signed on user has access to, see "Controlling Access to Applications" later in this section.. A very useful report that lists every user and the options available to him/her can be printed by pressing F6 while the user list is displayed. We found this to be very handy. WORKSTATION MAINTENANCE Tam2 can be used to allow access to applications only if a user is signed on at a particular workstation. To use this feature the administrator must first define (give a name to) all the workstaions available to the users. He then must tell Tam2 which users can use which workstation. Finally, every workstation startup file (autoexec.bat) must create a DOS ENVIRONMENT variable with the name of STATION and assign to it the same value as was given to this station when it was defined, ex: set STATION=JOHNSON if JOHNSON was entered in the ID field of the STATION record. Tam2 Sign_On processing will always look in the DOS Environment for a variable of STATION, if one is found it will then check the files for a match on user and station id. The user is allowed access to Tam2 only if he is allowed to use this station. If the environment variable STATION is not found this check is not performed. When this option is selected, a list of all the currently defined workstations is displayed. Use the usual keys to update the list. Use the F10 key to assign users to the workstation under the selection bar. Maintain this second list using the usual keys as well. F5 to print a list of stations and associated users. DISPLAY LOGGED ON USERS Use this option to see who is currently using the system, Ie: Signed On. Also, and probably the only reason this option exists, use this option to "force" a user "off" the system. I'll explain a little more. Every time a user signs on the system, the signon program sets a flag, in the user record, to "ON" to indicate that the user is on and prevent other accesses. When he/she signs-off the flag is set to "OFF". If the system "crashes" while a user is signed on, as in the Tam2.Doc - Pg 7 case of a power failure, he/she will not be able to re-sign on, the system still thinks the user is signed on because the above flag was never turned off. When this occurs, for whatever reason, use this option to list all the user then position the selection bar on the user in question and press enter. After a confirmation the flag is set to OFF. PRINT PURGE ACCESS LOGS As mentioned above in "configuring Tam2", it is possible to create an audit trail of every access made thru Tam2 Menus. This option is turned on or off globally by Tam2_cfg.exe. When turned on every time a user selects an option from a menu or sub menu, a LOG record is written to file. Use this option to print/view the contents of this LOG file and to PURGE or delete all the records when they are no longer needed. NOTE that if this option is on and you are using Tam2 to control access to procedures internal to programs, they too will write audit trail records to this file. See the section titled "Protected Program Procedures" for more information on this topic. PROTECTED PROGRAMS MAINTENANCE Use this option to assign security levels to procedures internal to CLARION programs that are controlled via Tam2. See the section titled "Protected Program Procedures" for more information on this topic. VERY IMPORTANT: This option will not appear on Tam2_Adm.exe main menu if "N" was entered in the field ALLOW PROGRAM MAINTENANCE when configuring TAM2 with Tam2_Cfg.exe program. This prevents unnecessary confusion for users that are not using this feature. CONTROLLING ACCESS TO APPLICATIONS: Tam2's most powerful feature is its ability to prevent un-authorized access to applications. This in fact it is main purpose in life, as its name implies. Understanding how this is done is critical to establishing a worry free environment and making the most out of this product. Access is controlled by the fields SECURITY LEVEL and SECURITY FILTER TYPE. A SECURITY LEVEL is assigned to every MAIN MENU item/option, SUB MENU item/option, and to every USER. A SECURITY FILTER TYPE is assigned to every USER in addition to a LEVEL. The LEVEL is a numeric field that can have values between 1 and 9999. FILTER TYPE can have values of GE (greater then or equal to) or EQ (Equal to). Tam2 uses these fields in determining the items/option a user can access in this manner: - If the user's FILTER TYPE is equal to "GE", his/her SECURITY LEVEL must be GREATER THEN or EQUAL TO the main or sub menu option/item in order to have access to it (Or if you prefer, he/she can access Tam2.Doc - Pg 8 any main or sub menu option/item whose SECURITY LEVEL is LESS THEN his/her SECURITY LEVEL). - IF the user's FILTER TYPE is equal to "EQ", his/her SECURITY LEVEL must be EQUAL TO the main or sub menu option/item in order to have access to it. In other words, When Tam2 displays the MAIN MENU or a SUB MENU, the following logic is executed: FOR EACH MENU ITEM record IF THE USER's SECURITY FILTER = 'GE' IF THE USER's SECURITY LEVEL >= THE MENU ITEM's SECURITY LEVEL INCLUDE MENU ITEM ON MAIN/SUB MENU DISPLAY ELSE SKIP THIS ITEM AND CYCLE - GET THE NEXT ITEM RECORD ELSE - FILTER MUST BE = 'EQ' IF THE USER's SECURITY LEVEL = THE MENU ITEM's SECURITY LEVEL INCLUDE MENU ITEM ON MAIN/SUB MENU DISPLAY. ELSE SKIP THIS ITEM AND CYCLE - GET THE NEXT ITEM RECORD Example: Assume the following user and items security settings MENU ITEMS: MAIN1 SUB1-1 SUB1-2 MAIN2 SUB2-1 SUB2-2 SECURITY LEVEL 10 50 200 700 800 700 USERS: USER1 USER2 USER3 USER4 SECURITY LEVEL 100 200 700 800 SECURITY FILTER GE GE EQ EQ Here are the results: - USER1 will have access to MAIN1 and SUB1 - USER2 will have access to MAIN1, SUB1-1, and SUB1-2 - USER3 will have access to MAIN2 and SUB2-2 - USER4 will NOT have access to any menu items. He can only access Items with a security level EQUAL to 800. The only item with a level of 800 is SUB2-1, but since SUB2-1 is a SUB ITEM on MAIN2 and MAIN2 is not available to him he CANNOT access it. - NO user has access to SUB2-1 FOLLOW THE LOGIC ABOVE TO VERIFY THESE RESULTS. As you can see this security scheme offers immense flexibility. With a little creativity, it is very easy to setup access rights along departmental lines or work groups. For example: Every one in accounting is defined as "EQ" with a level of 666 and all their applications have a LEVEL of 666. Every one in shipping is defined as "EQ" with a level of 333 and all their applications have a level of 333. ALL executives are defined as "GE" with a level of 9999 giving them access to everything. More combinations are possible when one start to mix EQs and GEs. This will can results in having to define the same application more then once so that it can be accessed by users belonging in different work groups. This usually occurs with utilities, word processors and the likes. This causes no harm but creates some minor maintenance Tam2.Doc - Pg 9 issues. 6. How to Use Tam2: If you followed the installations instructions above, every time you turn your system on the "SYSTEM SIGN ON" screen will be displayed. If it is not, type MENU and press the Enter Key and the screen will be displayed. Enter your User Id and Password at the associated prompts and if you are authorized the system will display a message informing you that you are signed on. After 2 seconds, or at the tap of any key, this screen will go away and the system will try to build a MAIN MENU to reflect your profile. Pressing F10 from the sign on screen will exit to DOS. A password may be required however depending on how the system was configured by the administrator. F1 will bring up the HELP screens. Up on successful sign on the MAIN MENU is Displayed, Select an option by moving the selection bar over your choice and press Enter, or, if present, press the key preceding the ")" on the far left of the desired choice. This is called the Quick or Hot Key. If there is a SUB MENU associated with this option repeat the above to make your selection. Press Esc from a SUB MENU to return to the MAIN MENU. HELP is always available by pressing F1. It is possible for the administrator to have setup options which require your input before the can continue. In these cases a RUN TIME PROMPTER screen will appear asking for a variable piece of data. You were probably advised of this possibility and should be aware of what to enter. See your administrator if you have problems with this screen or are unsure of what to enter and the HELP screens provide no assistance. Be aware that, if enabled, the system may SIGN you OFF if a pre- defined amount of inactive time is detected. If this situation is detected, you will hear three shorts beeps. If within 10 seconds after these beeps a key is not pressed, the system will SIGN you OFF. This option may be turned off on some systems. Additionally, if inactivity is detected for 10 minutes and you are not forced off the system, the screen may go blank. This is to prevent damage to the monitor. In these cases pressing any key will restore the original screen. To terminate a session and SIGN-OFF the system press the F10 key while the MAIN MENU is displayed. 7. Protected Program Procedures Suppose you have to develop an integrated Order Entry and Inventory Control system for a client with the following requirements: Tam2.Doc - Pg 10 - The people in receiving should have access only to the "receive inventory" functions , - The people in sales should have access to most of the Order Entry functions only - The people in purchasing should have access to most of the inventory functions as well as vendor functions only - The people in upper management to have access to ANY function regardless of the subsystem. - The new system is to be integrated with their current applications and other off the shelf software. Obviously one of your first task would be to develop some kind of security/access control system to define the users, the functions, etc.. which would not be too cumbersome or complicated, we have done this a number of times before we realized the waste of effort. You'll also discover that to properly integrate your system with their existing applications will require some kind of menuing system, so you either develop on or purchase an off the shelf menuing package, there sure are a lot of them out there. At the end however, you know you could have delivered a much better environment if all of this was integrated, right?? Well, we think so and that's where Tam2 really shines. A very powerful feature of TAM2 allows CLARION developers to capitalize on its access control features with minimum effort by providing a set of programs, procedures and functions to manage what we call Protected Program Procedures, PPP for short. Protected Program Procedures are procedures/functions internal to application programs written (or actually generated thru designer) to take advantage of Tam2 access control facilities and to offer end users a single means of administration, maintenance, and monitoring. These procedures are not created by the end users but rather are delivered by the developer to the end user. The end users simply determine the security level they want to assign to each according to the way they setup their users' access levels and filters. These procedures are stored in the file named PROGPROC.DAT. The program Tam2_PPP.exe included on the distribution disk provides the developer the means to add/change/delete procedures from this file. Tam2_ppp should not be distributed to the end users. Tam2_Adm.exe can be used by the administrator to assign security levels and update a description field for each procedure. To enable this feature in Tam2_Adm.exe, the field "ALLOW PROGRAM MAINTENANCE" in Tam2's configuration file must be set to "Y" with the program Tam2_Cfg.EXE. The distribution disk contains a sample application, PPP_DEMO.EXE, that was written to take advantage of Tam2's features. If you execute this program from the DOS prompt you'll receive a message indicating that no user is signed-on and execution aborts. If however it is added as a menu option, which it is in the distribution disk, execution will be allowed. To see the functions and change their security level, set ALLOW PROGRAM MAINT to "Y" thru Tam2_Cfg.exe and select Protected Program Maintenance from the Tam2_adm.exe main menu. To see how these procedures were added to the PROGPROC.DAT file run the Tam2_pp.exe program. Tam2.Doc - Pg 11 To develop an application that relies on TAM2 for its access control could not be any easier, in addition to the above programs we will also provide the necessary CLARION procedures/functions and a model file that integrates TAM2 in a designer developed application with unbelievable ease. The additional procedures and functions are: 1. TAM2_START - This procedure is called at the beginning of every app from the main module before doing anything else. The main purpose of this procedure is to set up TAM2 GLOBAL MEMORY variables so that a later function TAM2_PPP_OK() can use. These global memory variables are very few, they include data such as whether logging is turned on, the user id, access level and filter of the signed on user, the station id, and the PROGPROC record layout. 2. TAM2_PPP_OK- This function is called by every procedure that is to be monitored by Tam2 access control. This function is called at the beginning of the procedure of function and expects the procedure/function name. It will do the access validation, log the access if required, and either return true or false to the caller. The caller procedure should insert this line as the first line following the CODE statement: IF ~TAM2_PPP_OK('@PROCNAME ') THEN RETURN. (replace @PROCNAME with the name of the calling procedure). That's ALL there is to it!!! NOTE THAT TAM2_PPP_OK EXECUTES BASICALLY THE SAME LOGIC AS DESCRIBED ABOVE, IN THE SECTION "CONTROLLING ACCESS TO APPLICATIONS" TO DETERMINE WHETHER ACCESS IS ALLOWED OR NOT AND RETURNS TRUE OR FALSE ACCORDINGLY. 3. TAM2_CHK.CPY - This is neither a function nor a procedure but an include file that defines the global memory variables mentioned above. You simply include this in your program and the functions and procedures above will work just fine. NOTE that both of the above modules are very small and can be overlaid with no problems. One may not want to overlay TAM2_PPP_OK however if a lot of procedures are controlled by Tam2. Memory will not be a problem either way since they are tiny. Of course the model file that we provide, NET2108.MDL, contains all the above, highlighted so that you can easily incorporate in your own models. If you use designer with our model, or yours with our changes (which by the way are very, very few), all you will have to do to enable Tam2 checking for a procedure of any type is to include the following line in the procedure's SETUP line: TAM2_PPP_CHK = 1 (or = TRUE) That's ALL!!!, the model file contains the rest..., works great. The changes required to a model file to accomplish the above are: Tam2.Doc - Pg 12 1. ADD the following statements in the MAP section, following the line "@MODULES" and before the line "@FILES" !$----------------------- TAM2 MAP CHANGES START HERE ---------------------- MODULE('\TAM2\UTILS\STARTAPP.218') !TAM2 INITIALIZE PROC(TAM2_START) ! GLOBAL VARIABLES FUNC(SRCHPATH),STRING ! SEARCH FOR CFG . ! BOTH CALLED ONLY ONCE MODULE('\TAM2\UTILS\PPPCHECK.CLA') !TAM2 PROCESSING PROGRAM FUNC(TAM2_PPP_OK),LONG ! PROCEDURES ACCESS LEVEL . ! VALIDATION AGAINST USER INCLUDE('\CLARION\EXAMPLE\DOS1.CPY') !DOS LANGUAGE EXTENSION . !$----------------------- TAM2 MAP CHANGES END HERE ------------------------ 2. Add the following include statement before the first CODE statement: INCLUDE('\TAM2\CPY\TAM2_CHK.CPY') !$ TAM2 GLOBALS 3. Add the following line after the first CODE statement: TAM2_START !$ INIT GLOBALS 4. For every model procedure within you model file add the following: - before the line @SETUP add: TAM2_PPP_CHK = 0 !$ NO TAM2 CHK - following the line @SETUP add: IF TAM2_PPP_CHK !$ IF TAM2 CHK IF ~TAM2_PPP_OK('@PROCNAME ')!$ AND IT FAILED RETURN !$ RETURN TO . . !$ CALLER Doing this for ALL your model procedures is not very hard regardless of how many you may have, the clarion editor can do this very quickly, other editors even quicker. 5. THAT'S ALL THERE IS TO IT!!! - To use it one simply uses the setup procedure line to set TAM2_PPP_CHK = 1 only for the procedures that should be PROTECTED. NOTE the use of "!$" at the beginning of every comment, this is useful to find our changes in the model file. Simply Search for '!$' and you'll find each modification described above in the model file we provide. The only caveat with all this Protected Program Procedures stuff is that neither the above modules or model file are part of the freely distributed TAM2 system. To receive the above you either must be an "extended registered user", see the registration section below, OR you must license the source code to the entire system, see the source code offer section. 8. Legalities SOFTWARE LICENSE: Tam2.exe, Tam2_adm.exe, Tam2_cfg.exe, Tam2_ppp.exe, collectively referred as Tam2 in this document, and all other supporting files Tam2.Doc - Pg 13 are Copyright (c) 1991 by GAFFT System Inc., Glenview, Il. The Tam2 package is released into the public domain as Shareware. You are encouraged to use, copy and distribute this product freely and at will provided that (1) the distribution consists of the original archive containing the programs and this documentation file, (2) no fee of more than five US dollars ($5) is charged for the copy and (3) it is not modified in any way. WARRANTY & LIABILITY: This software package has NO WARRANTY of any kind, or better yet: GAFFT Systems Inc. hereby disclaims all warranties relating to this software, whether express or implied, including without limitation any implied warranties of merchantability or fitness for a particular purpose. GAFFT Systems Inc. will not be liable for any special, incidental, consequential, indirect or similar damages due to loss of data or any other reason, even if GAFFT Systems Inc. or an agent of GAFFT Systems Inc. has been advised of the possibility of such damages. In no event shall GAFFT Systems Inc. liability for any damages ever exceed the price paid for the license to use software, regardless of the form of the claim. The person using the software bears all risk as to the quality and performance of the software. 9. Registration If you find TAM2 easy and convenient to use a registration fee of $25 is appreciated. In return, you will receive: 1. when available, a free upgrade to the next version of the software (excludes Tam2 Deluxe but includes upgrade to CLARION 3.0). 2. free technical support via mail or major BBS services (Will attempt to return all phone calls as well but cannot commit) . 3. Notification of ALL further versions/releases and bug fixes If you send $45, or more for that matter, you will become an "extended registered user" which will entitle you to receive: 1. The same items specified in #1 - #3 above 2. Priority shipment and credit consideration when Tam2 Deluxe is available. Details not yet worked out. 3. The source code necessary to utilize Tam2 access control facilities for your own CLARION program procedures. See Section 7, Protected Programs Procedures (PPP), above for details. This code will include at minimum: NET2108.MDL - Revised network model file that includes the changes to use Tam2 via designer, changes are all highlighted by "!$" TAM2_CHK.CPY - An include file that defines all the global variables required by the PPP facilities TAM2_PPP.CPY - File layout of the PROGPROC data file STARTAPP.218 - Clarion module containing the procedure TAM2_START and the function SRCHPATH. Both are used at the very beginning of an application Tam2.Doc - Pg 14 to initialize the global memory required by Tam2. SRCHPATH is used to find the configuration file along the DOS path and obtain default settings. PPPCHECK.CLA - Clarion module that contains the function TAM2_PPP_OK. This function performs the actual access control and optionally Logging. If you are a serious CLARION developer/user, and have not yet standardized your access control approach, I strongly recommend this option or better yet consider licensing the entire source code, see below. To register your copy of Tam2, or to license the full source code complete the appropriate form in the file ORDER.FRM contained in this archive or send the appropriate fee, along with your name and address to: GAFFT Systems Inc Att: TAM2 REGISTRATION 619 Milwaukee Av, Suite 27 Glenview, Il 60025 If you have questions, please call us at 708-729-0990. We will attempt to return all calls. 10 Custom Versions If you require any modifications or changes to the software and don't want to spend the time to do it yourself, please send us a detailed document describing the changes you are interested in. If your request is popular chances are we'll do it with no additional fees. If they are unique, we'll provide you an estimate of the cost and delivery date within 2-4 working days (sometimes on the spot). 11. Source Code Offer If you like Tam2 and want to take full advantage of its features or wish to improve/customize it for your own use, you can license the full source code from us for the amount of $145. This license will allow you to distribute any .exe or .pro files created with this source ROYALTY FREE as long as they are not part of a product that directly or indirectly competes with Tam2 and/or Tam2 DELUXE, currently in development. It will not allow you to re-sell, in whole or in parts, any of the actual source code without our written consent. Of course joint marketing/development opportunities are always welcomed, call us or drop us a note to discuss. Licensing the source code will automatically make you an extended registered users, see #9 above. **** THE END **** Tam2.Doc - Pg 15