Experimental Physics and
Industrial Control System

Hi,

 

Sorry about the delay responding , I took some âvacationâ time to set some tile in the basement of my house.

 

à Here is my question. I want to add  access control to my PCAS,

à but I do not  know what the pUserName and pHostName in the

à following function refer to clearly.

à virtual casChannel *createChannel ( const casCtx &ctx,const

à char * const pUserName,const char * const pHostName);

à  

 

In the createChannel virtual member function the pUserName argument is a constant nill terminated string which is the user name of the user account the ca clientâs application is running under. In the createChannel virtual member function the pHostName argument is a constant nill terminated string which is the name (typically the dns name) of the host the ca clientâs application is running on.

 

à In "Channel Access Protable Server API Tutorial" it said

à that points to a string representing the user's name and  pHostName 

à points to a string representing the server tool's host.

 

There might be a documentation issue here. It should say that it is the host name (typically the dns name) of the _clientâs_, and not the serverâs, host. I created bug entry 692664 at the epics launchpad site.

 

à  

à For example, I have

à two EDM clients application run on the same linux PC, does the user's name

à refer to the PC name or something else.

 

The user name of the user account the client application runs on.

 

à William Lu wrote:

à Channel access security is better achieved by usnig the

à EPICS access security API. If you follow that path, at

à some point in your pcas code you will call

à asAddClient(&client, member, asl, pUserName, pHostName),

à to which you pass the pUserName and pHostName, as illustrated bellow:

 

Yes, this is the typical approach - which causes access security configuration of your service to be similar to, for example, an IOC or the ca gateway.