A customer has asked how he could implement some stringent security on the
'unirpc' services.  In particular, he wants to only allow certain 'Requests'
(like the 'Subroutine' method, etc.) from any users out there writing
UniVerse Objects front-ends.
To me, this means he wants unirpc to fire off uvserver when requested by
UniObjects, but to have uvserver only forward on his allowed Methods (and no
other).  This would keep developers from writing code that could .Read,
.Write, .Delete, etc, and force them to obey his security standards.
1) The first option I can think is to 'intercept' the uvserver executable.
Has anyone any experience with writing their own Services for unirpc?
2) Next, how about distributing a cut-down version of the DLL (or is it
OCX?) that his users will bind into their app?
Hoping there's a chance...
Michael McRae
u2-users mailing list

Reply via email to