This all sounds like an overkill. If you didn't want users / developers to do this, why would you want them to have access to the said server? I'm sure there is more to this, no?
Furthermore, it would had overhead to the interface. Patching or intercepting calls to the UniRPC or servers it starts-up would be subject to "breaking" everytime IBM "improved" these interfaces. ;-) On the other hand, some sort of proxy-server/fire-wall software with "packet sniffing" (if such a beast exists) capabilities may work. Then again...overhead and likely to be broken by IBM, some time in the future. Perhaps he could consider turning all his accounts (or the ones he is most concerned about), into SQL Schemas (or just the files into SQL Tables)? Oh, of course maintaining SQL security on those isn't easy. But if they're serious about security, then you can't get more low-level or a per-user basis than that, at the UV database-level. Never tried it myself, but it could be a better and more economical solution. Next option, but don't bet on it coming soon...ask IBM to add this feature, to a future version of UV?!?! Regards David -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael McRae Sent: Friday, March 26, 2004 5:30 PM To: [EMAIL PROTECTED] Subject: Writing a "RPC Service" A customer has asked how he could implement some stringent security on the 'unirpc' services. In particular, he wants to only allow certain 'Requests' (like the 'Subroutine' method, etc.) from any users out there writing UniVerse Objects front-ends. To me, this means he wants unirpc to fire off uvserver when requested by UniObjects, but to have uvserver only forward on his allowed Methods (and no other). This would keep developers from writing code that could .Read, .Write, .Delete, etc, and force them to obey his security standards. 1) The first option I can think is to 'intercept' the uvserver executable. Has anyone any experience with writing their own Services for unirpc? 2) Next, how about distributing a cut-down version of the DLL (or is it OCX?) that his users will bind into their app? Hoping there's a chance... Michael McRae -- u2-users mailing list [EMAIL PROTECTED] http://www.oliver.com/mailman/listinfo/u2-users