|Communications Access Methods for SAS/CONNECT and SAS/SHARE Software|
|System and Software Requirements for SAS/CONNECT and SAS/SHARE|
Ensure that the following conditions have been met:
|Setting SAS Options and Variables|
You may set specific options in SAS to establish the connections that you want with SAS/CONNECT and SAS/SHARE when using the DECnet communications access method.
You may specify an option in any of several forms, as follows:
OPTIONS SET=variable-name value
options set=sassecur _secure_;
-SET variable-name value
-set sassecur _secure_
Values for these options can contain up to eight characters, consisting of alphanumeric characters, the percent sign (%), the dollar sign ($), the pound sign (#), the at sign (@), and the underscore (_).
If you set multiple forms of the same option, the order of precedence follows:
|SAS macro variable|
|SAS configuration file|
|DOS environment variable.|
|Setting Security for SAS/CONNECT and SAS/SHARE|
For SAS/CONNECT, you must
supply identifying information to sign on
without a script to a remote host running a spawner program. A SAS/SHARE server,
running secured, requires identification from each connecting client. The
next two sections outline the version-specific methods for specifying client
identification for SAS/CONNECT and SAS/SHARE.
Note: In the Windows environment, SAS/SHARE server security is supported
on the Windows NT platform only.
In Version 8, you provide client identification to a SAS/CONNECT remote host or a SAS/SHARE server using the USER= and PASSWORD= options. These options are valid in the following statements:
Connect to Remote
Specifying client identification in the SASSECUR= option is still accepted but is not recommended in Version 8. The USER= and PASSWORD= options take precedence over the client SASSECUR= option when both are specified. For example, a SAS/SHARE client's execution of a LIBNAME statement with values assigned to the USER= and PASSWORD= options would override a SASSECUR= option setting in the same client SAS session.
Here is the syntax and definitions for these options:
|USER | USERNAME | USERID | UID=username | _PROMPT_|
|PASSWORD | PASSWD | PASS | PWD | PW=password | _PROMPT_|
Specifying these options allows a user on the local host whose username and password have been verified to access the remote host.
Note: The values provided
when prompted must NOT be quoted.
Specifying USER=_PROMPT_ and omitting the PASSWORD= specification will cause SAS to prompt you for both userid and password.
This is especially useful for allowing the SAS statements containing the USER= and PASSWORD= options to be copied and otherwise effectively reused by others.
For SAS/SHARE, the values supplied for the USER= and PASSWORD= options are valid for the duration of the remote host connection. Additional accesses of the remote host while the connection to that host is still in effect do not require re-supplying of the USER= and PASSWORD= options. For example, while the first connecting library assign to a SAS/SHARE server may require specification of the options, subsequent assigns to the same server will not need specification of these options as long as the original connection is in effect. A subsequent re-connect to the same server or connect to a different server would require re-supplying of the USER= and PASSWORD= options.
Here is a Version 8 example for SAS/SHARE:
libname test 'prog2 a' user=joeblue password="2muchfun" server=share1;
For SAS/CONNECT, these values are valid until SIGNOFF.
Here is a Version 8 example for SAS/CONNECT:
signon rmthost user=joeblack password=born2run;
As a security precaution, PASSWORD= field entries echoed in the log
are replaced with Xs. If _PROMPT_ was specified for entering the password,
the entry would not be displayed on the screen as it is typed.
You must set the SASSECUR option in order to pass a remote host user name and password to a SAS/SHARE server for verification. After the user name and password have been verified, the connection to the SAS/SHARE server can proceed. Values for SASSECUR are
|SASSECUR _NONE_ | _PROMPT_ | username.password | _SECURE_|
Setting _NONE_ does not establish secure sessions for connecting SAS/SHARE clients.
_PROMPT_ specifies that SAS prompt the user for user name and password information. When prompted for a password, the input field is not displayed. Choosing to prompt for user name and password provides more security than assigning the user name and the password to the system option.
This value specifies both the user name and the password. Assigning the user name and password directly to the SASSECUR option at the SAS/SHARE client may inadvertently publicize this information and compromise the security of the SAS/SHARE server. Assigning the value to the option in a file allows anyone to read it.
The _SECURE_ value for the SASSECUR option requires a SAS/SHARE client to supply a valid user name and password to the remote host or the remote host on which the server is running in order to allow client access to the server.
Specify the SASSECUR option before you create a server.
%let SASSECUR=_NONE_; %let SASSECUR=_PROMPT_; %let SASSECUR=bass.time2go; %let SASSECUR="apex\bass.time2go"; %let SASSECUR=_SECURE_;
See Setting SAS Options and Variables for examples of the forms that you can use to specify the SASSECUR option.
Top of Page
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.