- 5Additional setup
- 5.5Additional setup for RKWeb
- 5.6Additional setup for JANSSL
Download and install rktools.exe on your workstation, and then copy only the needed file srvany.exe somewhere on your server (let's say c: Tools). Then create the Windows Service for srvany: sc create Robocopy-Service binPath= 'C: Tools srvany.exe' start= auto. Rktools.2003 v5.2.121102 - Passed - Package Tests Results - 1.RegistrySnapshot.xml. I was looking to install the support tools, which I used with XP, like windows server 2003 support tools I used in XP rktools.exe. I don't know what happened why no server 2008 tools.
Overview
RKTools (Rocket Tools for Model 204) is a set of application subsystems (aka APSYs) running inside a Model 204 Online that provide TN3270 and web-based tools for programmers, database administrators, and system managers.
As of RKTools V7.7, all Rocket-provided, SOUL-based tools are consolidated in the M204PROC
procedure file. M204PROC
includes all components from RKTools 7.5 in addition to Dictionary/204 and the SQL Server utilities. This means that all Model 204 SOUL tools provided by Rocket are in a single file.
Note: Since the RKTools 7.7 installation process modifies the application subsystem definitions to point to the M204PROC
file, sites that are upgrading must perform a full installation and not merely an M204PROC
file overlay. To allow for a switch back to RKTools 7.5, keep a backup of your current SIRIUS
file and your current CCASYS
file (though you can also change the subsystem definitions manually using SUBSYSMGMT).
Installing RKTools requires downloading the M204PROC
file from the Model 204 maintenance website, restoring it to your environment, setting up some subsidiary Model 204 files, and verifying that the Online environment has the appropriate parameter settings. Then you run a single procedure that installs or upgrades the RKTools subsystems.
Once the installation is complete, upgrades to RKTools can almost always be handled by restoring a fresh copy of the M204PROC
file.
Download the installation file
All RKTools 7.7 code resides in the M204PROC
Model 204 file. You need to download a dump version of this file from the Rocket Software Model 204 maintenance website. The procedure file for RKTools 7.5 is SIRIUS
.
To download from the Rocket website:
- On the 'Rocket M204 Customer Care' page (http://m204.rocketsoftware.com), go to the 'Downloads and Uploads' section and select the 'Download SOUL files' link to access the 'SOUL files for Rocket Software' page.
- Log in, and download the version of RKTools that is compatible with your version of Model 204. The procedure file contained in the 'RKTools V7.7' link works for Model 204 versions 7.6 and above. For Model 204 version 7.5, use the download labeled 'RKTools V7.5.'
A 'Click here' link in the text above the file list on the SOUL files download page brings up Downloading and restoring SOUL files, which provides help about downloading and uploading files, file sizing, and more.
You can bypass any step of the installation that applies only to an RKTools component you are not installing.
System requirements
- RKTools V7.7 was made specifically backward compatible to Model 204 version 7.6, though version 7.7 is recommended. Version 7.5 of RKTools requires Model 204 version 7.5 or higher.
- Requirements for server sizes for each product and Model 204 User 0 and UTABLE parameter settings are listed where appropriate in the installation steps in the next section.
- To verify the products for which your Online is authorized, enter
ROCKET
at the Model 204 command line. - The installing user must have:
- Update access to the JCL or EXECs that bring up the host Online
- Model 204 System Manager privileges
- Access to the SUBSYSMGMT facility and the JCL or EXEC that runs the Online Model 204 region.
Install RKTools
Attention: If you are upgrading from a previous version, keep your old copies of SIRLOCAL
, M204LOCL
, and most application-specific data files, such as JANCAT
, SIRLIBD
, and SIRFILED
. The SirMon SIRSTATS
file is replaced in version 7.7 by MONDATA
. The SIRIUS
file is no longer used as of RKTools 7.7, but there is no harm in keeping it in case you want to fall back to a previous RKTools version.
The installation process uses your existing RKTools files to determine whether to perform upgrade actions or new-installation actions, so leave these files allocated and available, including SIRLOCAL
.
- Allocate files.
The following table shows the RKTools files and their sizes:
RKTools file allocations File Size Allocation is required... M204PROC MONDATA 4000 pages Only if installing SirMon. Note:
MONDATA
replacesSIRSTATS
, which is no longer needed as of RKTools V7.7.SIRFILED 1200 pages Only if installing SirFile. SIRLIBD 1200 pages Only if installing SirLib. SIRLIBP 1200 pages Only if installing SirLib. JANCAT 1200 pages Only if installing Janus OMNI. JANSSL 1200 pages Only if installing Janus SSL or RKWeb. The following table shows the Dictionary/204 supporting files (in addition to M204PROC):
File Size Allocation is required... DATALINK 400 pages For Dictionary/204 or SQL Server. METADATA 400 pages For Dictionary/204 or SQL Server. M204TEMP 400 pages If installing Dictionary/204. D204RPT 400 pages If installing Dictionary/204. D204SYS 400 pages If installing Dictionary/204. M204DCTL 400 pages If installing Dictionary/204. The following table shows the SQL Server supporting files (in addition to M204PROC):
SQL Server file allocations File Size Allocation is required... CCACAT 700 pages For RKWeb access to SQL Server. DATALINK 400 pages For Dictionary/204 or SQL Server. METADATA 400 pages For Dictionary/204 or SQL Server. TSFDATA 200 pages For RKWeb access to SQL Server. TSFTEMP 300 pages For RKWeb access to SQL Server. - RESTORE
M204PROC
from the DUMP file downloaded from the Rocket website.Note: If you are restoring into your existing
M204PROC
file, note that theM204PROC
file has X'0221' privileges, which does not allow RESTORE. You will have to CREATE the file first (to wipe out existing content) before you execute the RESTORE. A sample command sequence is:CREATE FILE M204PROCEND CREATEOPEN FILE M204PROCIN M204PROC RESTORE 192 FROM dumpfile
To verify the
M204PROC
version, you can openM204PROC
with SirPro and view the RKTOOLS_VERSION procedure. - Update the Online JCL or EXEC:
- Add DD (MVS) cards or FILEDEFs (CMS) for the RKTools files.The 'RKTools file allocations' table above lists the files for which DD cards or FILEDEFs might be needed.
- Verify that the Online environment allows the use of file groups and application subsystems.
- To use permanent file groups, the Online must have allocated a CCAGRP file, and the SYSOPT parameter must include the
2
bit. - To use APSY subsystems, an Online must have allocated a CCASYS file, and the SYSOPT parameter must include the
1
bit.
- To use permanent file groups, the Online must have allocated a CCAGRP file, and the SYSOPT parameter must include the
- Review the RKTools, Dictionary/204, and Model 204 SQL Server tables below for the minimum server-size requirements of individual subsystem components.
Note: The actual server size requirements might vary slightly from the listings below because of tablesettings in your Model 204 Online, and because of slight differences between UTABLE requirements in different versions of Model 204.
Rocket recommends using one server size for the entire Online, making it at least 750,000 bytes to accommodate the largest RKTools component. For more information about server sizing, see Sizing user server areas.
Note: CCATEMP usage might increase with RKTools. CCATEMP should be monitored (
VIEW TEMPSIZE
,VIEW TEMPMAX
) to ensure that sufficient space is allocated to accommodate the additional activity.RKTools server sizes Subsystem name Minimum server size JANSSL 300K RKTOOLS 135K SIRADMIN 150K SIRDBA 180K SIRFILE 230K SIRLIB 135K SIRMON 220K SIRPRO 750K SIRSCAN 250K Dictionary server sizes Subsystem name Minimum server size DICTADMIN 455K DICTIONARY 455K DICTREPORT 455K DOCUMENT 455K FILEMGMT 455K SUBSYSMGMT 455K XREF 455K SQL Server server sizes Subsystem name Minimum server size CCACATREPT 250000 CCATSF 165000
- Verify that the Online has a minimum of 10 Sdaemon threads allocated. Each of these threads is typically defined as an
IODEV15
thread.If using RKWeb or any of the web interfaces to other components, you may need more IODEV15s available. - Modify the User 0 stream.
Adjust these parameters:
Parameter Adjustment COMPOPT RKTools requires the COMPOPT X'03' bit, which enables mixed-case SOUL. RKTools makes extensive use of mixed-case coding, and the tools fail to compile if support is not enabled. If batch SirLib or other batch features are used, ensure that COMPOPT is set to X'03' in those jobs as well. CUSTOM RKWeb must include the 18 setting to enable a larger SSLIBSIZE on the Janus Web port, which must be secured. MAXBG Minimum setting is 4. MAXDAEM Minimum setting is 10. MAXINCL Minimum setting is 10. NDCBS Increase by the number of RKTools files. NDIR Increase by the number of RKTools files. NFILES Increase by the number of RKTools files. NORQS Minimum setting is 5. SESNPUB Minimum setting is 40. The right setting for your site might be higher, based on RKWeb usage (number of users). SESUMAX Minimum setting is 10. The right setting for your site might be higher, based on RKWeb usage (number of users). - Verify you have adequate UTABLE settings.
Initial problems with RKTools subsystems are usually associated with one or two extremely small default UTABLE settings.Running the failing subsystem in
TEST DEBUG
mode will highlight UTABLE parameters that need to be increased.These are the recommended settings:
UTABLE parameter Value Description HTLEN 220 Max length of each header or trailer LFTBL 1000 Length of FTBL LFSCB 21400 Length of full screen buffer LGTBL 2000 Length of global variable table LIBUFF 2000 Length of input buffer LITBL 104 Length of ITBL LNTBL 450 Length of NTBL LOBUFF 960 Length of output buffer LOUTPB 10000 Length of output page buffer LPDLST 10000 Length of user push down list LQTBL 2200 Length of QTBL LSTBL 60000 Length of STBL LTTBL 2000 Length of TTBL LVTBL 1300 Length of VTBL LXTBL 1000 Length of XTBL MAXHDR 7 Max number of headers MAXTRL 7 Max number of trailers NORQS 10 Number of requests preserved SCRNSTBL 12000 STBL size for screen objects; this must be set for SIRMON
,SIRPRO
, andSIRSCAN
.A setting of 18000 is recommended for shops that use Mod 6 terminals with very large screen sizes (Rocket regularly tests with 3270 screen sizes of 50x150 characters).
Note:Either 12000 or 18000 is both a recommended minimum and maximum. Unless you have very large servers at your site (1 megabyte or larger), or you have very large screen objects in your own application code, a very large SCRNSTBL will cause table-size resets to fail.
SEQPDL 4096 Minimum PDL available for sequencer - Bring up the Online and install all the RKTools components except Dictionary/204 and SQL Server; then install or reinstall Dictionary/204 and SQL utilities as needed:
RKTools 7.5 components
Issue these commands:
OPEN FILE CCASYSOPEN FILE M204PROCINCLUDE RKTOOLS_INSTALL
RKTOOLS_INSTALL creates or updates the dozen or so RKTools application subsystems and sets up their supporting files. It performs all installation functions for new sites and all upgrade functions for reinstalling sites. No existing user profiles or other site-specific customization will be lost, as long as your existing SIRLOCAL file is left in place.
The procedure produces a screen that lists all of the subsystems and whether they have loaded. It may be necessary to troubleshoot why expected subsystems did not load, then re-execute the procedure. You are encouraged to use the installation program's F1-key Help for detailed explanation of how the program is working with the subsystems.
During APSY subsystem execution, error messages are not suppressed, which aids in diagnosing any installation problems. For example, you will be able to see if an installation failed because a file was enqueued in a different Online, and so on.
The procedure
RKTOOLS_INSTALL
also builds a subsystem calledRKINSTALL
. If the installation needs to be re-run, you can invoke the subsystem (from command line or later with option 9 in the RKTools main menu) rather than the procedure.Once the installation completes successfully, start the component subsystems (START SUBSYSTEM command, invoke by name, or both) before using the RKTools 3270 or RKWeb interface.
To verify that the subsystems are correctly installed, enter
RKTOOLS
at the command line, and use the main menu to test the individual RKTools components. You may also want to use SUBSYSMGMT to check that the component subsystem definitions are viewable, and use SirPro to display the newly restored M204PROC file to ensure its availability.Dictionary/204
Though the Dictionary/204 components are delivered in
M204PROC
and accessible from RKWeb as of version 7.7, they are not installed and set up byRKTOOLS_INSTALL
. For example, on z/OS, an initial Dictionary/204 installation uses theDDINST
JCL from the Model 204 RKOBJLIB; for an upgrade, theDDRINST
job.Though the Dictionary/204 installation steps are largely included in the the RKTools installation process, you may want to review the Dictionary/204 installation guide for any additional actions you might need to take.
SQL Server
The Model 204 SQL Server components are delivered in
M204PROC
, and the SQL Server tools (CCACATREPT, CCATSF) are accessible from RKWeb. Support for this use of RKWeb requires the availability of the SQL Server supporting files.For an initial installation of the SQL Server subsystems, open
M204PROC
and execute the following command:INCLUDE SQLINST
For a reinstallation:
INCLUDE SQLRINST
If you are installing and using SQL Server independently apart from RKTools and RKWeb, or you have additional questions about SQL Server installation, see Model 204 SQL Server installation.
- Use SUBSYSMGMT to add users to the appropriate SCLASS classes for any private or semi-public RKTools subsystems.
For authority to do this, you need System Administrator log in privileges, and you need SUBSYSMGMT privileges authorized via the DICTADMIN facility of Dictionary/204. The ID of the user that runs the INSTALL_RKTOOLS procedure is automatically added to the ADMIN or to the highest-level administration SCLASS in each of the RKTools subsystems (though not necessarily to the Dictionary and SQL Server subsystems).
Each component application of RKTools has its own APSY subsystem definition and privileges associated with SCLASS specifications.If you have a good reason for doing so, you can redefine any of the RKTools subsystems as PUBLIC,SEMI-PUBLIC, or PRIVATE.Contact Rocket Software if you are unsure of the effect of a proposed change.
RKTools components are typically installed as auto-start. Use SUBSYSMGMT to disable this feature if you prefer that the subsystems not start automatically at each user request.
The RKWeb interface, described further below in Additional setup for RKWeb, is controlled by the RKWEB subsystem, and you need to update the subsystem definition with the names of eligible users. Some of the RKWeb options require system administrator login privileges just as those options do when accessed with the RKTools TN3270 interface. To use these options in RKWeb requires system administrator login privileges and ADMIN SCLASS membership in the RKWEB subsystem, as well as a suitable product license.
- See the 'Additional setup' sections below for the components you use at your site.
Additional setup
Additional setup for SirLib
Read and follow the instructions in the SirLib 'getting started' steps.
Additional setup for SirScan
The SirScan administrator can use SIRADMIN to set default I/O and record maximums for users in the various SirScan SCLASSes. See SirScan setup for details.
Additional setup for SirMon
When users are added to SCLASSes, note that there is a special BUMP SCLASS.Any user added to this SCLASS gains the ability to BUMP other users.This class does not provide access to customizing options in SirMon.Only users in the ADMIN SCLASS are able to add custom screen definitions to SirMon.
If the SirMonbackground monitor is to be used, add the following line to the User 0 input stream:
SIRMON BACKGROUND
Rktools 2008 Download
The background monitor may also be started automatically in a BATCH2 thread or an sdaemon thread.
You can customize statistic thresholds or use the supplied defaults to establish problem conditions.
The background monitor also lets you send warnings toe-mail addresses and cell phones (via e-mail).This feature requires Janus Sockets and a started Janus Sockets port.
Additional setup for SirFile
If the SirFile background monitor is to be used, add the following line to User 0's input stream:
SIRFILE BACKGROUND
As with SirMon, the background monitor may be started automatically in a BATCH2 thread or in an sdaemon thread. See SirFile refresh process for details.
You can customize the system and file-specific thresholds or use thesupplied defaults to establish problem conditions.
Additional setup for RKWeb
New for RKTools version 7.7 (and requiring at least Model 204 version 7.6), RKWeb (Model 204 Tools on the Web) provides web access for all the important elements of Model 204. Use of this product requires Janus Web Server. If your site does not own Janus Web Server, RKWeb can still be used by a limited number of Janus Web threads under the Janus TOGA agreement, which allows the running of as many as five web threads.
Because RKWeb includes an interface for password maintenance and other protected Model 204 entities, it is mandatory to run it on an SSL-protected web port. Experienced users of Janus Web will probably have Janus ports already defined and protected by SSL certificates. Users new to Janus Web might want to review Defining a Janus port and generating a self-signed SSL certificate, below, on defining an unprotected port that can be used to generate an initial self-signed certificate.
Browser support and configuration
RKWeb supports Edge, Chrome, and the latest versions of Firefox and Safari. IE (Internet Explorer) is explicitly not supported as it is deprecated by Microsoft.
On some browsers, it might be necessary to allow pop-ups or to whitelist your RKWeb port so that pop-ups are authorized.
RKWeb makes extensive use of Javascript, which must be enabled for your browser.
Janus Web port definition
Authorized Janus Web Server users will find that RKWeb works best with at least ten Janus Web threads available on the port definition. Non-Janus customers can still use RKWeb via the free Limited Janus Web Server feature, which allows a Janus Web port to be defined with as many as five threads. Under this configuration, RKWeb might operate a little slowly and might require occasional forced-refreshes, but all features are otherwise allowed.
An SSL-protected web port can be defined like this:
JANUS DEFINE portname 8205 WEBSERV 20 IBSIZE 4096 OBSIZE 65534 TRACE 1 - RBSIZE 4096 UPCASE SESCOOKIE RKSESSION SSLSES VARIPADDR - SSL JANSSL JUNE2017.PKEY SSLCACHE 320 SSLMAXCERTL 2048 - SSLIBSIZE 32767 SSLOBSIZE 16000 - WEBUSER WEBUSER WEBACCT WEBUSER MAXTEMP 2000 COMPRESS 1 JANUS START portnameprivateKeyPassword
Such an SSL port as defined above will not start unless you have already obtained a signed certificate. To do so, you can start with an unsecured port and use the JANSSL application to generate a self-signed SSL certificate.
RKWeb also provides an interface (Manage > SSL Certificates
) for running the Janus Network Security application (JANSSL) for obtaining and managing SSL certificates. The RKWeb version of this application mimics the operation of the application that is described in detail in the Janus Network Security wiki pages.
Janus Web rules for RKWeb
Following are the recommended and mandatory Janus rules to run RKWeb:
Rktools 2008 Election
*... Codepage 0037... json requires square brackets to be Unicode 5B & 5D*... translate EBCDIC BA/BB accordingly UNICODE TABLE STANDARD MAP E=BA IS U=005B UNICODE TABLE STANDARD MAP E=BB IS U=005D *... TYPE rules for serving up binariesJANUS WEB portname TYPE ANY * TEXT/HTMLJANUS WEB portname TYPE ANY *.HTML TEXT/HTMLJANUS WEB portname TYPE ANY / TEXT/HTMLJANUS WEB portname TYPE ANY *.HTM TEXT/HTMLJANUS WEB portname TYPE ANY *.GIF IMAGE/GIFJANUS WEB portname TYPE ANY *.PNG IMAGE/PNGJANUS WEB portname TYPE ANY *.CSS TEXT/CSSJANUS WEB portname TYPE ANY *.JS TEXT/JAVASCRIPTJANUS WEB portname TYPE ANY *.JPEG IMAGE/JPEGJANUS WEB portname TYPE ANY *.JPG IMAGE/JPEGJANUS WEB portname TYPE ANY *.ICO IMAGE/X-ICON*... support for the Ace Editor, part of RKWebJANUS WEB portname ON /ACE/* OPEN M204PROC SEND * TEXTJANUS WEB portname ON /ACE/EDITOR OPEN M204PROC CMD 'RKWEB'JANUS WEB portname ON /ACE/EDITOR.JSON OPEN M204PROC CMD 'RKWEB'JANUS WEB portname ON /ACE/PROCLIST OPEN M204PROC CMD 'RKWEB'JANUS WEB portname ON /ACE/PROCLIST.JSON OPEN M204PROC CMD 'RKWEB'JANUS WEB portname ON /ACE/S.SETTINGS.PNG OPEN M204PROC SEND S.SETTINGS.PNG BINARY EXPIRE +999999JANUS WEB portname ON /ACE/S.SIRLIB_SEQ.PNG OPEN M204PROC SEND S.SIRLIB_SEQ.PNG BINARY EXPIRE +999999JANUS WEB portname ON /ACE/*.JS OPEN M204PROC SEND *.JS TEXTJANUS WEB portname ON /ACE/SRC/SNIPPETS/*.JS OPEN M204PROC SEND /ACE/SRC/SNIPPETS/*.JS BINARY EXPIRE +999999JANUS WEB portname ON /ACE/SRC/*.JS OPEN M204PROC SEND /ACE/SRC/*.JS BINARY EXPIRE +999999JANUS WEB portname ON /ACE/SRC/MODE-M204.JS OPEN M204PROC SEND MODE-M204.JS TEXTJANUS WEB portname ON /ACE/LIB/*.JS OPEN M204PROC SEND *.JS BINARY EXPIRE +999999*... RKWeb rules:JANUS WEB portname ON /RKWEB/* CMD RKWEBJANUS WEB portname ON /RKWEB/*.CSS OPEN FILE M204PROC SEND '1.CSS TEXT EXPIRE +7200JANUS WEB portname ON /RKWEB/*.JS OPEN FILE M204PROC SEND '1.JS TEXT EXPIRE +7200JANUS WEB portname ON /RKWEB/*.GIF OPEN FILE M204PROC SEND '1.GIF EXPIRE +7200JANUS WEB portname ON /RKWEB/*.PNG OPEN FILE M204PROC SEND '1.PNG EXPIRE +7200JANUS WEB portname ON /RKWEB/*.JPG OPEN FILE M204PROC SEND '1.JPG EXPIRE +7200JANUS WEB portname ON /RKWEB/*.JPEG OPEN FILE M204PROC SEND '1.JPEG EXPIRE +7200JANUS WEB portname ON /RKWEB/*/*.CSS OPEN FILE M204PROC SEND '2.CSS TEXT EXPIRE +7200JANUS WEB portname ON /RKWEB/*/*.JS OPEN FILE M204PROC SEND '2.JS TEXT EXPIRE +7200JANUS WEB portname ON /RKWEB/*/*.GIF OPEN FILE M204PROC SEND '2.GIF EXPIRE +7200JANUS WEB portname ON /RKWEB/*/*.PNG OPEN FILE M204PROC SEND '2.PNG EXPIRE +7200JANUS WEB portname ON /RKWEB/*/*.JPG OPEN FILE M204PROC SEND '2.JPG EXPIRE +7200JANUS WEB portname ON /RKWEB/*/*.JPEG OPEN FILE M204PROC SEND '2.JPEG EXPIRE +7200JANUS WEB portname ON /RKWEB/*/RKWSEND/*.* OPEN FILE M204PROC SEND '2.'3 EXPIRE +7200JANUS WEB portname ON /RKWSEND/* OPEN FILE M204PROC SEND * EXPIRE +7200*... Rules supporting the applications implemented as Janus Legacy apps.JANUS WEB portname DISALLOW /ACE*JANUS WEB portname DISALLOW /RKW*JANUS WEB portname DISALLOW /SIRLIB*JANUS WEB portname DISALLOW /DICTADMIN* JANUS WEB portname DISALLOW /DICTREPORT* JANUS WEB portname DISALLOW /DICTDOC* JANUS WEB portname DISALLOW /XREF* JANUS WEB portname DISALLOW /FILEMGMT*JANUS WEB portname DISALLOW /CCACATREPT*JANUS WEB portname DISALLOW /CCATSF*JANUS WEB portname ALLOW /ACE* USER *JANUS WEB portname ALLOW /RKW* USER *JANUS WEB portname ALLOW /SIRLIB* USER *JANUS WEB portname ALLOW /DICTADMIN* USER *JANUS WEB portname ALLOW /DICTREPORT* USER *JANUS WEB portname ALLOW /DICTDOC* USER *JANUS WEB portname ALLOW /XREF* USER *JANUS WEB portname ALLOW /FILEMGMT* USER *JANUS WEB portname ALLOW /CCACATREPT* USER *JANUS WEB portname ALLOW /CCATSF* USER *JANUS WEB portname ON /SIRLIB* CMD 'SIRLIB *'JANUS WEB portname ON /DICTADMIN* CMD 'DICTADMIN *'JANUS WEB portname ON /DICTREPORT* CMD 'DICTREPORT *'JANUS WEB portname ON /DICTDOC* CMD 'DOCUMENT *'JANUS WEB portname ON /XREF* CMD 'XREF *'JANUS WEB portname ON /FILEMGMT* CMD 'FILEMGMT *'JANUS WEB portname ON /CCACATREPT* CMD 'CCACATREPT *'JANUS WEB portname ON /CCATSF* CMD 'CCATSF *'JANUS WEB portname SCREEN /SIRLIB/* - EXITURL '/rkweb/' EXITKEY 'Exit SirLib' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00'JANUS WEB portname SCREEN /DICTADMIN* - EXITURL '/rkweb/' EXITKEY 'Exit DictAdmin' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00'JANUS WEB portname SCREEN /DICTREPORT* - EXITURL '/rkweb/' EXITKEY 'Exit DictReport' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00'JANUS WEB portname SCREEN /DICTDOC* - EXITURL '/rkweb/' EXITKEY 'Exit Document' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' JANUS WEB portname SCREEN /XREF* - EXITURL '/rkweb/' EXITKEY 'Exit Xref' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00'JANUS WEB portname SCREEN /FILEMGMT* - EXITURL '/rkweb/' EXITKEY 'Exit FileMgmt' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00'JANUS WEB portname SCREEN /CCACATREPT* - EXITURL '/rkweb/' EXITKEY 'Exit CCACatRept' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00'JANUS WEB portname SCREEN /CCATSF* - EXITURL '/rkweb/' EXITKEY 'Exit CCATSF' AUTOPF ON CSS /styles/cool.css - BGCOLOR 'white' TEXT 'black' - BLUE '#000066' GREEN '#006600' PINK '#ff80ff' RED '#ff0000' TURQUOISE '#0033ff' WHITE '#0000ff' YELLOW '#ffff00' START SUBSYSTEM DICTADMINSTART SUBSYSTEM DICTREPORTSTART SUBSYSTEM DOCUMENT START SUBSYSTEM XREFSTART SUBSYSTEM FILEMGMTSTART SUBSYSTEM CCACATREPTSTART SUBSYSTEM CCATSF
Again, as described earlier in Janus Web port definition, because the above rules force users to log in with their enterprise credentials, and because RKWeb provides an interface into protected elements like passwords and APSY definitions, the port on which RKWeb runs must be SSL protected.
To verify that the Janus Web rules are defined and that the SSL and unsecured ports are started, issue a JANUS STATUS *
command.
Rktools 2003
Once the rules are implemented and the port is started, You can access RKWeb with a URL like this:
https://www.mydomain.com/rkweb/welcome.html
In addition to web rules, if low-privileged users are to be given access to RKWeb, certain system level methods need to be made available to those users. The following commands are required to implement this:
SIRMETH ALLOW SYSTEMSET SUBSYSTEM RKW* NONPRESIRMETH ALLOW SUBSYSTEMSET SUBSYSTEM RKW* NONPRESIRMETH ALLOW SYSTEMSET SUBSYSTEM SIR* NONPRE
As implied by the recommended and mandatory JANUS WEB rules above, some RKWeb applications are implemented with Janus Legacy, which launches them into a separate browser tab. These Janus Legacy applications are not fully integrated with RKWeb, so you must use the security configured for those applications. For instance, FILEMGMT is implemented as Janus Legacy, and it might prompt the user for a separate password.
Additional setup for JANSSL
Defining a Janus port and generating a self-signed SSL certificate
You can run RKWeb on any SSL-protected Janus port, and experienced users are likely to add the recommended Janus rules to a port or ports they already have configured.
New users might need to define an initial unprotected Janus port that can then be used to generate a self-signed certificate. That certificate is then used to protect the port on which RKWeb is to run. Directions follow:
- Enter these rules to create a very basic Janus Web port:
JANUS DEFINE MYWEBPORT 80 WEBSERV 10 IBSIZE 4096 OBSIZE 8192 TRACE 1 RBSIZE 4096 - UPCASE WEBUSER WEBUSER WEBACCT WEBUSER MAXTEMP 1000 JANUS WEB MYWEBPORT ON / OPEN FILE M204PROC CMD 'INCLUDE JANWEB.HOMEPAGE.HTML' JANUS WEB MYWEBPORT ON /JANSSL/* OPEN FILE M204PROC CMD 'INCLUDE JANSSL.*' JANUS WEB MYWEBPORT ON /JANWEB/* OPEN FILE M204PROC CMD 'INCLUDE JANWEB.*' * ALLOW rules that will force a logon for the JANSSL application. * These will result in a warning, which is expected, but can be ignored. JANUS WEB MYWEBPORT DISALLOW * JANUS WEB MYWEBPORT ALLOW * USER * JANUS START MYWEBPORT
- Use either of the following ways to connect to the JANSSL certificate management program:
- With the following URL, invoke the Janus default home page:
http://www.mydomain.com:xxxx
where xxxx is the port number. In the preceding port definition,
80
is the default port for web connections. Your network administrator might require a different port number.On the Janus default home page, click the link to the JANSSL certificate management program.
- Using your own domain name and port number, connect directly to the JANSSL certificate management program:
http://www.mydomain.com:9999/janweb/sslmain.html
- With the following URL, invoke the Janus default home page:
- Use the certificate management program to generate a self-signed certificate.
The program contains ample online Help. Follow the instructions for generating a self-signed certificate.
- Use the self-signed certificate to protect the port from which RKWeb will run.