|Communications Access Methods for SAS/CONNECT and SAS/SHARE Software|
|System and Software Requirements for SAS/CONNECT and SAS/SHARE|
SAS/CONNECT and SAS/SHARE require the SAS/C Transient Library when running SAS Release 6.08 TS405 and subsequent releases. (The SAS/C Transient Library is provided with SAS/CONNECT and SAS/SHARE.)
Note: If your site has installed Release 5.50 of
Library, you must replace it with the transient library that is included with SAS/CONNECT and SAS/SHARE.
See Installing the SAS/C Transient Library for details.
SAS/CONNECT and SAS/SHARE also require the Interlink SNSTCP, Version 4.1 or a subsequent release and IBM TCP/IP, Version 3.2 or a subsequent release.
|Defining Resources for the TCP/IP Access Method|
|Understanding TCP/IP Access Method Terminology|
Familiarity with these terms will help you when you set SAS options:
For a complete discussion of TCP/IP, see Internetworking with TCP/IP, Volume I: Principles, Protocols, and Architecture, Second Edition from IBM.
|Setting SAS Options and Variables|
You may need to set specific SAS options and variables to establish the desired connections with SAS/CONNECT and SAS/SHARE when using the TCP/IP communications access method.
Consult with your network administrator to determine what options must be set and what values to assign to them.
You may specify an option in several forms, as follows:
Add option-name(default value) to the SAS CLIST. Then add option-name(current value) at a SAS invocation.
tcpipmch(tcpip) /* TCP options */ +
Specify the CLIST at the SAS invocation as follows:
sas tcpipmch(tcpip) o('dmr comamid=tcp noterminal')
Add environment_variable=value to the SASCTCPV data set. See Setting SAS/C Environment Variables with the SASCTCPV DDname for more information about this data set.
Values for these options may contain up to eight characters, consisting of alphanumeric characters, the percent sign (%), the dollar sign ($), the pound sign (#), the at sign (@), and the underscore (_).
Note: If you set the same option using different forms, typically the
last option setting will take precedence and override an earlier option setting.
To display the settings of the SAS system options in the SAS log, use the OPTIONS procedure. The following statement produces a list of options with a brief explanation of what each option does:
proc options; run;
|Setting Security for SAS/CONNECT and SAS/SHARE|
For SAS/CONNECT, you must supply identifying information to sign on
without a script to a remote host running a spawner program. A SAS/SHARE server,
running secured, requires identification from each connecting client. The
next two sections outline the version-specific methods for specifying client
identification for SAS/CONNECT and SAS/SHARE. The third section describes
how to configure your SAS/SHARE server to either require or not require connecting
clients to supply user identification.
In Version 8, you provide client identification to a SAS/CONNECT remote host or a SAS/SHARE server using the USER= and PASSWORD= options. These options are valid in the following statements:
Connect to Remote
Specifying client identification in the TCPSEC option is still accepted but is not recommended in Version 8. The USER= and PASSWORD= options take precedence over the client TCPSEC option when both are specified. For example, a SAS/SHARE client's execution of a LIBNAME statement with values assigned to the USER= and PASSWORD= options would override a TCPSEC option setting in the same client SAS session.
Here is the syntax and definitions for these options:
|USER | USERNAME | USERID | UID=username | _PROMPT_|
|PASSWORD | PASSWD | PASS | PWD | PW=password | _PROMPT_|
Specifying these options allows a user on the local host whose username and password have been verified to access the remote host.
Note: The values provided
when prompted must NOT be quoted.
Specifying USER=_PROMPT_ and omitting the PASSWORD= specification will cause SAS to prompt you for both userid and password.
This is especially useful for allowing the SAS statements containing the USER= and PASSWORD= options to be copied and otherwise effectively reused by others.
For SAS/SHARE, the values supplied for the USER= and PASSWORD= options are valid for the duration of the remote host connection. Additional accesses of the remote host while the connection to that host is still in effect do not require re-supplying of the USER= and PASSWORD= options. For example, while the first connecting library assign to a SAS/SHARE server may require specification of the options, subsequent assigns to the same server will not need specification of these options as long as the original connection is in effect. A subsequent re-connect to the same server or connect to a different server would require re-supplying of the USER= and PASSWORD= options.
Here is a Version 8 example for SAS/SHARE:
libname test 'prog2 a' user=joeblue password="2muchfun" server=share1;
For SAS/CONNECT, these values are valid until SIGNOFF.
Here is a Version 8 example for SAS/CONNECT:
signon rmthost user=joeblack password=born2run;
As a security precaution, PASSWORD= field entries echoed in the log
are replaced with Xs. If _PROMPT_ was specified for entering the password,
the entry would not be displayed on the screen as it is typed.
In Version 6 and Version 7, you provide client identification to a SAS/CONNECT remote host or a SAS/SHARE server using the TCPSEC option. TCPSEC must be defined on the local host before you connect to the remote host (using the SIGNON statement) or access a SAS/SHARE server (using the LIBNAME statement).
Here is the syntax and description of this option.
|TCPSEC=userid.password | _PROMPT_|
Note: The values provided when prompted must NOT
This technique is especially useful when the configuration file specifying this option is shared among many users.
The TCPSEC option also specifies whether the TCP/IP access method performs user authentication before connecting to a SAS/SHARE server. The TCPSEC option must be set on the server before you start the SAS/SHARE server.
Here is the syntax and description of this option.
|TCPSEC=_SECURE_ | _NONE_|
|SAS/CONNECT and SAS/SHARE Options|
You may set these options at the SAS/CONNECT local and remote hosts and at the SAS/SHARE client and server.
|ICSRSLV = ONLY | FIRST | LAST | NEVER|
Specifies when or if the ICS name resolver is called to resolve an Internet address to a host name.
Note: This option is available for Interlink
TCP/IP sites only.
See Understanding the Search Order for Locating Host Names and Internet Addresses for details about the resolver.
Note: You may set ICSRSLV in a SAS configuration
file, at a SAS invocation, or in a CLIST variable.
If the TCPIPMCH option is not defined, SAS uses the name of the address space that is running TCP/IP. If the Interlink TCP/IP is used, then SAS uses the value ACSS. For all other versions of TCP/IP, SAS uses the value TCPIP.
Note: You may set TCPIPMCH in a SAS configuration file, at a SAS invocation,
or in a CLIST variable.
This option setting produces the data set name SYS2.VER2.TCP.ETC.HOSTS.
Note: The TCPIPPRF option initializes a data set prefix for the current SAS
session. You must set this option each time you invoke a SAS session on the
local and the remote hosts in a SAS/CONNECT session
and at the SAS/SHARE server and client.
Note: You may set TCPIPPRF in a SAS configuration file,
at a SAS invocation, or in a CLIST variable.
|SAS/CONNECT Only Options and Variables|
The TCPPORTFIRST and TCPPORTLAST SAS options restrict the range of TCP/IP ports through which local hosts can remotely connect to remote hosts.
These options must be set at the SAS/CONNECT remote host.
Define the range of TCP/IP ports by assigning a beginning range value to TCPPORTFIRST and an ending range value to TCPPORTLAST, within the range of 0 through 32767.
Consult with your network administrator for advice about these settings.
Use the following syntax for the configuration file:
TCPPORTFIRST=n TCPPORTLAST=nUse the following syntax for the AUTOEXEC file:
OPTIONS TCPPORTFIRST=n; OPTIONS TCPPORTLAST=n;
In the following example, the local host is restricted to TCP/IP ports 4020 through 4050 when making a remote host connection:
options tcpportfirst=4020; options tcpportlast=4050;
To restrict the range of ports to only one port, you may set the TCPPORTFIRST and TCPPORTLAST options to the same number.
Note: At the remote host, you may set TCPPORTFIRST and TCPPORTLAST in
an OPTIONS statement, at a SAS invocation, in the configuration file, or in
the AUTOEXEC file.
TCPTN3270 is an environment variable that is set on the local host to support connections to CMS and OS/390 remote hosts that use the full-screen 3270 TELNET protocol. The following sample script files are provided:
See Identifying a Script File for Signing On and Signing Off for more information.
To set the TCPTN3270 variable, perform the following tasks at the OS/390 local host:
If you do not set this variable, the TCP/IP access method uses the TELNET line mode protocol by default.
|SAS/SHARE Only Option|
By default, a secure server accepts userids and passwords from clients in either encrypted or plain text form. The option to accept either form ensures compatibility with client sessions running older releases of SAS/SHARE.
To require only encrypted userids and passwords, you must set the AUTHENCR option as an environment variable or a SAS macro variable. Requiring encryption ensures that all clients have been upgraded to Release 6.11 or the 6.09 Enhanced Release of SAS.
Setting this option in a server session enables encryption for clients connecting to a secured server. The values for this option follow:
|AUTHENCR=OPTIONAL | REQUIRED|
For examples of the forms you can use to specify the AUTHENCR option, see Setting SAS Options and Variables.
Top of Page
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.