SAS/IntrNet 9.1: Application Dispatcher |
PROC APPSRV PORT=n <options>; |
Option | Definition | |
---|---|---|
ADMINPW='password' | The optional server administration password. This option does not have a default setting. | |
AFPARMS='string' | An optional quoted string of parameters that are passed when invoking SAS/AF to run SCL programs. Users will pass AFPARMS='debug=yes' to invoke the SCL debugger. | |
AUTH=scheme | The authentication scheme. The values that can be used with this option are HOST (denotes a secure Application Server), META (denotes a metadata server), or NONE. The default is NONE. | |
CHARSET=character-set-name | appends the specified character set name to the HTTP content-type header for any text output. | |
ENCODING=encoding-name | The default character-set encoding for all data sent to and received from the Application Broker. | |
GUESTP2='password' | An optional second password to use for guest access. | |
GUESTPASS='password' | The password to use for guest access. | |
GUESTUSER='username' | The username to use for guest access. | |
LOCALIP=IP-address | A manual override for GETSOCKNAME. | |
LRECL=n | The logical record length for _WEBOUT and _GRPHOUT filerefs. | |
NETBUFFK=n | The buffer size (in kilobytes) for _WEBOUT and _GRPHOUT output buffering. | |
NOCHARSET | Disables any special content-type processing and reverts to existing SBCS behavior. | |
NOSHAREPOLL | Disables polling of the SAS/SHARE server librefs. | |
PORT=n | The only required option. The port number or name. Zero is used for dynamic ports. PORT=n does not have a default setting. | |
PROGRAMS=n | The maximum number of requests that can run concurrently. The default setting is 1. | |
SHAREPOLL=n | controls the period of SAS/SHARE server libref polling. The period is equal to n, which is a positive integer representing seconds. The default setting is 300 seconds (5 minutes). | |
UNSAFE='string' | An optional list of characters that when used, enhances security by compressing name/value pairs. |
In addition to built-in programs, the ADMINLIBS statement can be used to declare various librefs and filerefs as containing administrator-only programs. Programs in these libraries are not executed unless _ADMINPW is passed and is verified.
Note: If a libref or fileref has been defined in both a PROGLIBS statement and an ADMINLIBS statement, then the ADMINPW is not required for programs in that libref or fileref. General users will have access to programs that might have been intended only for administrators.
AFPARMS='debug=yes'
The AUTH=HOST scheme requires a username and password with each request, which will run using the credentials of the authenticated username. All access to catalogs, datasets, and external files are checked against this username. The username and password can be specified with the reserved variables _USERNAME and _PASSWORD (and optionally _PASSWORD2). The GUESTUSER and GUESTPASS (and optionally GUESTP2) options can be used to specify default values if they are not specified with the request. If the username is not specified by either the _USERNAME variable or by the GUESTUSER option, the request is rejected (unless the LOGIN option is used.) Usernames and passwords are saved with sessions, so requests that connect to an existing session do not need to and cannot specify a new username and password.
The AUTH=META option enables the PROC APPSRV statement to use a metadata server. The credentials passed in _USERNAME and _PASSWORD are validated against the metadata server instead of the host operating environment. META* SAS options must be set to valid values for AUTH=META to function. The GUESTUSER and GUESTPASS options are supported for AUTH=META.
The AUTH schemes do not apply to administration programs. Unprotected administration programs such as PING and STATUS can be run by any client without specifying a username or password. Protected administration programs such as STOP require only the _ADMINPW parameter (for more details, see the ADMINPW option). ADMINPW is required if AUTH=HOST is specified.
See the Special Requirements section for more information about the AUTH=HOST option.
The following are the default Windows SAS encodings based on the Application Server's locale.
SAS Locale | Default PROC APPSRV ENCODING |
---|---|
Western Europe and the Americas | wlatin1 |
Eastern Europe | wlatin2 |
Cyrillic | wcyrillic |
Japanese | ms-932 |
Encodings whose names include a dash (-) must be enclosed in quotation marks (').
65535
.Note: This option should not be used if PROC APPSRV is run in the SAS windowing environment.
The characters that users most often want to mark as unsafe are the following:
Because this list is enclosed by single quotation marks, you can represent a single quotation mark by placing two single quotation marks within the quoted string in the following manner:
UNSAFE='&"%;'''
There are times, such as processing free-format text input, when you might want to use the original, complete value for an input name/value pair. The APPSRV_UNSAFE function can be used for this purpose. For example, the complete text of an input variable named MYTEXT can be accessed in a DATA step or SCL program with APPSRV_UNSAFE, as in the following:
fulltext = appsrv_unsafe('MYTEXT');
The APPSRV_UNSAFE function can be called from macro with the %sysfunc function:
%let fulltext = %sysfunc(appsrv_unsafe(MYTEXT));
Note: If you are using programs developed before Version 8 of SAS, you may need to omit the UNSAFE option for proper operation of your application. If the UNSAFE option is not specified, no unsafe processing is performed and all name/value pairs are passed unmodified to the request program.
The AUTH=HOST option requires that the account that is running PROC APPSRV must have SYSPRV privilege enabled to allow the server to verify login information. Note that all client requests will be rejected as invalid if the server account does not have this privilege.
The AUTH=HOST option requires that the SAS SVC routine be installed on z/OS systems. The SAS SVC control program routine is an interface between the z/OS operating environment and a specific request, such as third-party checking. This facility provides verification in the form of calls for authentication of both the user ID and password and of library authority. Perform the following steps before using the AUTH=HOST option.
If you have already installed the SAS SVC routine for SAS 9.1, do not repeat the step here. If you need to perform the installation, see the installation instructions for SAS under z/OS for details.
Because SAS SVC 9.1 is backward compatible, it replaces the SAS SVC routines from previous releases. You can continue using previous releases of Base SAS and SAS/IntrNet or SAS/SHARE with SAS SVC 9.1.
You must verify that the SAS options for the SVC routine accurately reflect the way that the SAS SVC is installed. The SAS option SVC0SVC should be set to the number at which the SAS SVC is installed (for example, 251 or 109). If the SAS SVC is installed at 109 as an ESR SVC, set the SAS option SVC0R15 to the ESR code (for example, 4).
If you have more than one CPU, verify that the SAS SVC routine is installed on the systems that will be running the Application Server at your site.
The AUTH=HOST option requires that the SAS User Authorization utilities (sasauth
and sasperm
) be configured properly. See the section on configuring user authorization in the
SAS 9.1 post-installation instructions for UNIX for more information on these utilities.
The AUTH=HOST option requires special user rights on Windows systems. Review the following requirements carefully before enabling the AUTH=HOST option.
Any username specified by a client (including the default GUESTUSER) must have Log on as a batch job advanced user right enabled. If this permission is not enabled, the client request is rejected as an invalid login.
On Windows NT and Windows 2000 only, the account that is running PROC APPSRV must have Act as part of the operating system advanced user right enabled to allow the server to verify login information. Note that all client requests are rejected as invalid if the server account does not have this permission.
SAS/IntrNet 9.1: Application Dispatcher |