Object Rules screen

Object Rules screen

How to Get There

Click the Object Rules tab on the Navigation Pane on the left side of the browser window.

What it Does

The Object Rules screen allows you to create, modify, and delete Object Rules that pertain to Users or Locations. Object Rules can be active or inactive.

Options

Selection, sorting, filtering, deleting, and navigation features on this screen are described in Using the Web Browser Interface. Click an Object Rule to open the Edit Object Rules screen where you can edit the Object Rule.

Add

Choose Add to open the New Object Rule screen where you can define a new user rule.

[Actions]

Click next to an Object Rule to show Actions.

  • Edit. Choose Edit to open the Edit Object Rule screen where you can edit the Object Rule.
  • Copy. Choose Copy to open the Copy Object Rule screen, where you can select the system(s) you would like to copy the Object Rule to.
  • Delete. Choose Delete to delete the Object Rule.
  • Close. Choose Close to dismiss the Action Pane.

Column Descriptions

User/Location column

This column lists the user or location of the rule.

A icon indicates a User rule. User represents the identity of the person initiating a transaction as a user profile. The special value *PUBLIC, when used on a rule, means that the rule applies to any User lacking a specific rule. When used as a subset or selection parameter, *PUBLIC means to select all such rules for display or printing.

An icon indicates a Location Rule. The location is the name of the location for which authority is being specified. The location can be an SNA device, an IP address, an IP Address Group, or the special value '*ALL'. If specifying an IP address, enter either the full IP address or a generic IP address using an asterisk as the final character. IP Address Groups must be established prior to their entry on this screen (see IP Address Groups).

Status/Object List Name/Operation

The name of the Object List assigned to the object rule. See Object Lists screen.

The operation to which the rule applies.

*ALL The rule applies to all operations.
*CREATE The rule applies to attempts to create an object matching an entry defined in the Object List.
*READ The rule applies to attempts to read an object matching an entry defined in the Object List.
*UPDATE The rule applies to attempts to update an object matching an entry defined in the Object List.
*DELETE The rule applies to attempts to delete an object matching an entry defined in the Object List.
Authority

Authority represents the action to be taken when a rule is found that matches the data present on a transaction. Two values are listed for each Object Rule, one for Object Accesses and one for Data Accesses.

The valid values are:

*OS400 The transaction will be allowed and object authority will be determined by the operating system.
*REJECT The transaction will not be allowed.
*SWITCH The transaction will be allowed and the transaction will occur as if the user profile named as the Swap Profile had initiated the transaction. After switching to the Swap Profile, the authority used during the transaction will be determined by the operating system.
Audit

The Audit flag controls the logging of transactions to the Log Journal set up on the work with Exit Point Manager System Values panel. Two values are listed for each Object Rule, one for Object Accesses and one for Data Accesses.

The valid values are:

The transaction will be logged to the Log Journal.
The transaction will not be logged to the Log Journal.
The default value from a prior rule will control the logging.
Message

The Send messages flag controls the sending of messages to the Log Message Queue set up on the Work with Exit Point Manager System Values panel. Two values are listed for each Object Rule, one for Object Accesses and one for Data Accesses.

The valid values are:

A log message will be sent to the Log Message Queue.
A log message will not be sent to the Log Message Queue.
The default value from a prior rule will control the logging.
Capture

Capture transactions flag controls whether transactions are remembered in Exit Point Manager for later memorization. Once captured, transactions can become Memorized Transactions which can act as rules. Two values are listed for each Object Rule: one for Object Accesses and one for Data Accesses.

The valid values are:

A log message will be sent to the Log Message Queue.
A log message will not be sent to the Log Message Queue.
The default value from a prior rule will control the logging.

 

Related Topics