February 8, 2004
From the Edge: Securing Your R:BASE 7.1 Applications Section: New Functions Chapter: Running R:BASE Your Way! Platform: R:BASE 7.1 for Windows Build: 7.1.71.30214 and higher
R:BASE 7.x provides scalable, granular security for building and deploying your R:BASE 7.x applications.
Security is more than just passwords. R:BASE has some of the most comprehensive database security features available.
SQL GRANT/REVOKE commands allow you to assign access rights to any database table. R:BASE 7.x provides a few more security options that can collaborate with other services to provide authentication, authorization, delegation, and data protection.
The Application Designer provides the encrypted Application Design Password to protect your application as well as the code behind the single module application (.RBA) file.
The Form-Based applications are protected by "Design-Time" and "Run-Time" passwords to secure your work and graphics, as well as embedded code.
The PROPERTY and GETPROPERTY commands offer the ability to change any property dynamically, as well as make any control visible/enable based on any event or circumstances.
On the top of all those features, now you have the added
feature of allowing access to any or all controls of your
application based on a unique hardware MAC address. A new
(GETVAL('GetMACAddr','n')) function has been added to retrieve
the number of active network adapter(s) on workstation/server,
as well as the physical MAC (Media Access Control) address(es)
of active network adapter(s).Media Access Control address is a physical hardware address that uniquely identifies each node of a network. In IEEE 802 networks, the Data Link Control (DLC) layer of the OSI Reference Model is divided into two sub-layers: the Logical Link Control (LLC) layer and the Media Access Control (MAC) layer. The MAC layer interfaces directly with the network media. Consequently, each different type of network media requires a different MAC layer.
There may be a need at your customer's site where a few menus
of your application can ONLY be accessed by a given workstation
or portable computer (notebook) on top of network login and
security authentication, etc. In such a situation, you can use
the (GETVAL('GetMACAddr','1')) function for authentication and
then allow application access accordingly.
Syntax: (GETVAL('GetMACAddr','n'))Where 'n' is the parameter to either retrieve the number of active network adapters or to retrieve the MAC address of given active network adapter. Use '0' to retrieve the number of active network adapters and 1-9 to retrieve the MAC address of active network adapter(s) on given network station/server.
Example 01: To get the number of active network adapter(s)
SET VAR vActiveAdapters = (GETVAL('GetMACAddr','0'))
The variable vActiveAdapters will return the number of active network adapters on that workstation/server.
Example 02: To retrieve the MAC address of first active adapter
SET VAR vMACAddress = (GETVAL('GetMACAddr','1'))
The variable vMACAddress will return the value of first active network adapter on that workstation.
Example 03: To retrieve the MAC address of second active adapter
SET VAR vMACAddress = (GETVAL('GetMACAddr','2'))
The variable vMACAddress will return the value of second active network adapter on that workstation.
Example 04: To retrieve the MAC address of third active adapter
SET VAR vMACAddress = (GETVAL('GetMACAddr','3'))
The variable vMACAddress will return the value of third active network adapter on that workstation.
Practically, this new (GETVAL('GetMACAddr','n')) function can
be used to customize access to your R:BASE 7.1 for Windows
Applications. Consequently, you can use this function to
customize the properties of any control and/or settings of
form using the PROPERTY command based on unique MAC address of
workstation.Example 05: Disabling/Hiding Application Menus based on MAC Address
Assuming your application includes 6 main menu options, namely Customers, Contacts, Employees, Products, Sales, Quarterly Sales Reports, General Inquiry (Read Only) with Component IDs MM_Customers, MM_Contacts, MM_Employees, MM_Products, MM_Sales, MMQuarterlyReports, MM_GeneralInquiry accordingly.
In a secure work environment, suppose only one workstation or notebook can have access to all menus with MAC address 00-0D-43-2B-D6-B4 and everyone else can only access to General Inquiry (Read Only) menu.
If you would like to disable Customers, Contacts, Employees, Products, Sales and Quarterly Sales Report menus to all except the workstation or notebook with the MAC address 00-0D-43-2B-D6-B4, then here's an example to use as embedded Custom EEP in "On After Start EEP" option of form properties:
IF (GETVAL('GetMACAddr','1')) <> '00-0D-43-2B-D6-B4' THEN
PROPERTY MM_Customers ENABLED 'FALSE'
PROPERTY MM_Contacts ENABLED 'FALSE'
PROPERTY MM_Employees ENABLED 'FALSE'
PROPERTY MM_Products ENABLED 'FALSE'
PROPERTY MM_Sales ENABLED 'FALSE'
PROPERTY MM_QuarterlyReports ENABLED 'FALSE'
ENDIF
RETURNIf you would like to hide Customers, Contacts, Employees, Products, Sales and Quarterly Sales Report menus to all except the workstation or notebook with the MAC address 00-0D-43-2B-D6-B4, then here's an example to use as embedded Custom EEP in "On After Start EEP" option of form properties:
IF (GETVAL('GetMACAddr','1')) <> '00-0D-43-2B-D6-B4' THEN
PROPERTY MM_Customers VISIBLE 'FALSE'
PROPERTY MM_Contacts VISIBLE 'FALSE'
PROPERTY MM_Employees VISIBLE 'FALSE'
PROPERTY MM_Products VISIBLE 'FALSE'
PROPERTY MM_Sales VISIBLE 'FALSE'
PROPERTY MM_QuarterlyReports VISIBLE 'FALSE'
ENDIF
RETURNFor a complete PDF version of this technical document, examples and syntax, please visit:
From The Edge: http://www.razzak.com/fte (Powered by R:PHP)
Imagine the Possibilities!
Very Best R:egards,
Razzak.
