Filter Rules Added with Memorized Transactions

Memorized Transactions are processed by Exit Point Manager only when a Filter Rule's Authority setting instructs Exit Point Manager to check them, and they have an *ACTIVE status. When the Filter Rule's Authority setting does not begin with *MEM, Memorized Transactions will not be processed even though some may exist and have an *ACTIVE status. When a Filter Rule's Authority setting begins with *MEM, the active Memorized Transactions that have the same Server, Function, and User or Location values will be processed before the Filter Rules. The portion of the Authority setting that follows *MEM indicates what action to take if no active Memorized Transaction matches the incoming transaction data: REJECT means to reject the transaction, OS400 means to allow it to fall through to the operating system, and SWITCH means to run using the authority of another user profile and fall through to the operating system.

Think of a given combination of Server, Function, and User or Location as the identifier of a "pool" of transactions. There may be a mix of active and inactive transactions in the pool, but only active transactions are matched to incoming transactions.

When a pool of transactions gains its first active transaction, a Filter Rule with matching Server, Function, and User or Location values will be created with *MEMOS400 authority (if one does not exist), or an existing Filter Rule will have its Authority setting modified to begin with *MEM. This is done to initially allow processing of Memorized Transactions for the Server, Function, and User or Location. You may subsequently "turn off" processing of Memorized Transactions by removing the "MEM" from the Authority setting on the associated Filter Rule. The "MEM" portion of the Authority settings will be automatically removed when the pool loses its last active transaction (there are no more active transactions to process). Between the time the first active transaction enters the pool and the last active transaction leaves the pool, the Authority setting on the associated Filter Rule will not be altered by Exit Point Manager.

Authority Filter Properties Example

By referring to the panel below, you can see that any attempt by the general public to use the FTPCLIENT server is to be rejected. However, if user MARKJ attempts to use the SENDFILE function of the FTPCLIENT server, Exit Point Manager looks at the transactions that have been memorized for the FTPCLIENT server first due to the *MEM portion of the Authority value of *MEMREJECT. The REJECT portion of *MEMREJECT instructs Exit Point Manager to reject the incoming transaction if a memorized transaction is not found for user MARKJ that exactly matches the incoming transaction.

If Exit Point Manager finds a memorized transaction that exactly matches the incoming transaction for the specified user (or user group), it takes the action defined by the Authority property in the memorized transaction.

Exit Point Manager provides the following Authority values that enable processing of Memorized Transactions:

*MEMOS400

If the transaction does not match any memorized transactions, the transaction is allowed to the extent that OS/400 security allows the transaction.

*MEMSWITCH

If the transaction does not match any memorized transactions, the job is switched to the specified user profile before allowing the transaction. A switch profile entry is required.

*MEMUSR

If the transaction does not match any memorized transactions, Exit Point Manager looks for a user rule to determine whether the transaction is allowed. *MEMUSR is valid only when working with location authorities.

*MEMOBJ

If the transaction does not match any memorized transactions, Exit Point Manager looks for an object rule for a user or location.