The following are changes or enhancements for communications access methods for SAS/CONNECT and SAS/SHARE software:
|Changes to Security Support Provider Interface under Windows for TCP/IP|
Security Support Provider Interface (SSPI) enables users who are members of trusted domains to be authenticated automatically when connecting to SAS/CONNECT or SAS/SHARE server sessions. However, the SSPI system option is not supported for SAS/CONNECT 9.2 or SAS/SHARE 9.2.
|Changes to TCP/IP and XMS under z/OS|
Although this release does not support CA Unicenter TCPaccess Communications Server, SAS does support any vendor's TCP/IP software that is functionally compatible with the IBM z/OS IP Communications Server package.
The z/OS operating environment and the TCP/IP access method exclusively use the IBM z/OS Resolver for domain-name resolution. Support of the IBM OS/390 Resolver and the SAS Name Resolver has been discontinued in this release.
In previous releases of SAS, TCP/IP was implemented using the SAS/C compiler and runtime library. In order to configure the SAS/C TCP/IP runtime environment several SAS system options were used for z/OS. These SAS system options were TCPIPMCH, TCPIPPRF, and CTRANSLOC. In this release, these SAS system options are obsolete and will be ignored.
The new TCPIPMCH environment variable provides the same functionality as the former TCPIPMCH system option, which specifies the TCP/IP stack name. This variable is useful in z/OS operating environments that support multiple TCP/IP stacks. The TCPIPMCH environment variable is specified in the SAS TKMVSENV data set file.
A networked computer that runs under TCP/IP can be addressed by its fully qualified domain name (FQDN) or its IP address. Support for the IPv6 addressing standard is new in this release. The implications for the support on z/OS are two new IBM resolver functions getnameinfo(BPX1GNI) and getaddrinfo(BPX1GAI). They are used to retrieve IP addresses in IPv6 format.
TCP/IP and XMS under the z/OS operating environments require the installation of the TCP/IP SAS SVC control program routine or the XMS SAS SVC control program routine, as appropriate. The SAS SVC control program routine is an interface between the z/OS operating environment and a specific request, such as "third-party checking." This facility provides verification in the form of calls for authentication of user IDs and passwords and of library authority.
Two-level server IDs are supported in a SAS/SHARE client session under z/OS when XMS is used as the primary access method and TCP as the auxiliary access method. Two-level server IDs are used only in the LIBNAME statement and the PROC OPERATE statement.
|Changes to the Spawners|
The -SASDAEMONSERVICE option is specified in a SAS/CONNECT spawner invocation for all operating environments -- OpenVMS, UNIX, Windows, and z/OS -- to identify the port through which the spawner and the SAS/CONNECT server communicate. When socket inheritance is enabled, this port is also used for all SAS client and SAS/CONNECT server communications.
The -shell option in the UNIX spawner enables X command processing.
The -LOGCONFIGLOC option is specified in a SAS/CONNECT spawner invocation for all operating environments -- OpenVMS, UNIX, Windows, and z/OS -- to identify the location of the XML configuration file that is used to initialize the SAS logging facility.
The -OMRCONFIGFILE option has been renamed as -XMLCONFIGFILE for all operating environments -- OpenVMS, UNIX, Windows, and z/OS. However, the old option name, -OMRCONFIGFILE, is still supported for backward compatibility.
The z/OS spawner start-up script contains three new BPX environment variables that improve the start-up performance of a spawned SAS session.
A revised example of a firewall configuration illustrates the use of socket inheritance and restricted ports.
Details about the security technologies that SAS supports have been relocated from this document to Encryption in SAS. These technologies are SAS Proprietary, SAS/SECURE, SSL, and SSH.