Limit access to program function
The limit access to program function allows you to define who can use an application, the parts of an application, or the functions within a program.
This support is not a replacement for resource security. Limit access to program function does not prevent a user from accessing a resource (such as a file or program) from another interface. The function goes through the following processes to do the verification.
- Register a function
- Retrieve information about the function
- Define who can or cannot use the function
- Check to see if the user is allowed to use the function
The limit access to program function lets APIs perform the following tasks: To use this function within an application, the application provider must register the functions when the application is installed. The registered function corresponds to a code block for specific functions in the application. When the user runs the application, before the application invokes the code block, it calls the check usage API to verify that the user has the authority to use the function that is associated with the code block. If the user is allowed to use the registered function, the code block runs. If the user is not allowed to use the function, the user is prevented from running the code block.
The system administrator specifies who is allowed or denied access to a function. The administrator can either use the Work with Function Usage Information (WRKFCNUSG) command to manage the access to program function or use Application Administration in the IBM® Navigator for i.