Natural RPC Server and EntireX Security

I need some advice on configuring a Natural RPC Server to run with EntireX security. My Server fails to register with Broker as I have not supplied the correct credentials. Here is an extract from the Broker log file:

W01/USRSEC 2006-02-20 10:58:22.879 ETBD0286 Diagnostic Values:
Stubs say no password was supplied
W01/SECLOGN 2006-02-20 10:58:22.879 ETBE0146 Access denied by Security Facility
W01/SECLOGN 2006-02-20 10:58:22.879 ETBD0296 Additional information:
User ID… ukds
Physical Uid… 20205043554B44532D2D30303030303935382D2D3030303031334334
Error code … 0x0000015E
Error text … Bad UserID detected, access denied

The only place I can find to set a user id id is SRVUSER in Natparms and any value I try seems to fail. Is this correct or does it have to be set elsewhere? How is the password passed to Broker?

I am also unclear about how Broker maintains a list of valid users?

Thanks in advance,
David Sanders

  1. Broker contacts the local security environment where Broker is running for authentication. On the mainframe, this is typically RACF or ACF2 that authenticates the userid/password. On Windows, the Windows login is used - either a domain login (domain\user) or a local user account can be used.
  2. password can be supplied from the STACK by executing a SYSEXT routine (check the USR107* and USR207* routines - I think it is USR2071P). If running on the mainframe, trusted user can be used instead of supplying the password.

Hi Douglas,

Thanks for the pointer. User exit USR2072 is the one to use for setting the password for registering a Natural RPC server with Broker. I created a copy in my application library and changed it to use a hardcoded password.

For the record, here is what I had to do elsewhere:

Natparm for Natural RPC Server:

  • set SRVUSER to the userid used for logon
  • set STARTUP to the password user exit program (USR2071P or customised version)
  • set INIT-LIB to SYSEXT (if USR2071P used above)

EntireX Runtime:

  • set the exx-use-security and exx-encryption-level for the xmms element in xml-init.xml:

Client Applications calling web services:

  • Add the user id and password to the web service url:
  • This worked with an ASP client and a Natral program using the REQUEST DOCUMENT statement.

There may be better ways of doing this but the above does work.

David Sanders