This document covers the following topics:
When you start a Broker ACI application program, the ACI service program
searches your library list for the Security Exit service
SECUEXIT. If it is
found, it will be used automatically.
In this delivery package, a Security Exit named
X_SECUEXIT is provided
by Software AG. However, this file does not match the required name
So by default, the Broker ACI runs without using a Security Exit.
To use the Software AG-supplied Security Exit Program
Rename the *SRVPGM-type program
Start your user application. The bound Broker ACI will find and use the exit.
For detailed information, see Sample Security Exits for Broker Security.
A user-supplied security exit must meet the following minimum requirements:
|Service program exports||
STRPGMEXP PGMLVL(*CURRENT) LVLCHK(*NO) EXPORT SYMBOL('etbupre') EXPORT SYMBOL('etbueva') ENDPGMEXP
... int etbueva(ETBCB *pEtbCb, void *pEncBuf, void *pReserved, char *pErrTxt) ... int etbupre(ETBCB *pEtbCb, void *pSndBuf, void *pReserved, char *pErrTxt)
|Create a Service Program for a security user exit||Sample source:
This CL procedure creates module
To create a security exit program
Write the source code, include the necessary encryption and
decryption algorithms. The supplied C example
SECUEXIT provides a framework for
the basic functionality.
Create a source file of the type
*BND for the
exports (see Creating your own Security Exit Program).
Compile the source code.
Create the service program.
See the CL Program sample
EXACRTSXIT that contains the relevant
CRTSRVPGM) for compiling and creating a service program.
In that example a service program named
SUEXIT is created.
Usually, the Software AG-supplied security exit is named
If you have previously renamed it
SECUEXIT, rename it back now to
for backup reasons.
Then rename the security exit service program
SUEXIT you have just
Test the application. When you start your application program, the
Broker ACI automatically finds and uses the Security Exit
The samples above are based on C examples. For other languages such as ILE COBOL and ILE RPG, use the respective compiler.
To request a log file from the Broker stub, the environment variable
ETB_STUBLOG must be set. The value of this variable defines how detailed the
log will be.
The following table describes the trace
||Traces initialization, errors, and all ACI request/reply strings.|
||Used primarily by system engineers, traces everything from level 1 and provides additional information - for example the Broker ACI control block - as well as transport information.|
||This is full tracing through the stub, including detailed traces of control blocks, message information, etc.|
To evaluate error conditions
Set the environment variable: run the program
EXASETENV or use the
ADDENVVAR ENVVAR(ETB_STUBLOG) VALUE(3)
To change the value of the variable, use the command
change and recompile the source file in
Re-run the example programs.
The member names in the file LOG are created with the prefix ETB and the six-digit process ID (ETBpppppp).
The file will be overwritten if you restart your application in the same session.