ENHANCING LOGON MENU'S IN SECURITY/3000
---------------------------------------

One of the main areas of any security package is the restriction of the ':'
colon prompt to the user community. SECURITY/3000 implements this restriction
by means of LOGON MENUS. A logon menu is a list of options that a user can do
once they log on onto the machine. From that menu a user can run packages,
stream jobs and print reports, etc. The menu files themselves are quick and
easy to create with no special command language or package to master. These
menus are however rather plain and look simple when displayed on the screen.
This article will show you how to enhance the presentability and usability of
menus.

FUNCTION KEY SELECTION
----------------------

There are many different ways of setting Fkeys in a menu. Figure 1. shows the
way we have adopted for our menus. The Fkeys are set in the *ENTERSELECTION
section and not in the *START section. The latter is only executed once when
the menu is first displayed whereas with our approach the keys are
re-established each time the menu is displayed. This makes it ideal if you
have packages or further nested menus that set there own Fkeys. The Fkey in
our example has a label of "F1 CHOICE 1", your menus could have labels that
do special functions such as R to Redisplay or L to Lockup. The ESC+'A'
moves the cursor up a line so you don't see the Fkeys being drawn on the
screen.

MENU BOXES
----------

With packages like SPEEDWARE and COGNOS able to display pop up windows and
pull down menus it seems a shame that our menus should lag behind.
Unfortunately we can't provide windows or pull down menu enhancements but we
can add a degree of visual sophisication. Figure 2. is an example of a menu
that uses the HP alternate line drawing set to draw boxes around our options.
These boxes can be drawn anywhere on the screen and can be used for enclosing
options and titles. When displayed the menus now look like proper menus. The
graphics are invoked by means of 2 variables GON and GOF. These simply switch
the line drawing set on and off. The procedure for drawing the menus is
simple. First we draw the boxes on the screen then we position the options
within the boxes. The functions TERMCLEAR() an d TERMPOS(r,c) enable us to
clear and position the cursor anywhere we like. The options are drawn into the
boxes via the *CAPTIONL command so that no option number is displayed. The
various escape code are enclosed in {} braces so they are resolved before the
menu is displayed.

VISUAL SWITCHES
---------------

The HP line drawn menus produce excellent looking menu screens but they have
one problem. If a user is not allowed to use a particular option then that
box either has to be empty or not be drawn. This makes the screen look
messy. To combat this problem are visual switches. Basically a visual switch
is a mechanism of altering the attributes of text options to the availablity
of that option. Figure 3. is an example that shows the effectiveness of
visual switches in menus . In this example the text is changed to half bright
if the user displaying the menu isn't logged on as MANAGER. Upon selecting
the half bright option an error is displayed. Visual switches can be made
from bold, inversed, underlined or even flashing text, each have their own
characteristics. Flashing text gives extra emphasis to options where you
want a users attention brought to quickly. Perhaps you have a mail system
and a user was sent some mail, a READ MAIL option could flash when the user
logs on showing that the user has received some mail. If not then that
optionn could be in half-bright.

MENU TIMEOUTS
-------------

It is very important for users to not leave menus unattended unless they lock
them up. An unlocked menu is a gift to a potential saboteur or hacker,
because there are no logons needed and any violations made would be tracked
down to the original logged on user rather than the user using the menu. To
aid LOGOFF in its task of aborting users idle for large amounts of time, we
have a facility set in to our menus that BYEs the user off the system if a menu
option is not selected within 30 seconds. Figure 4. can be coded directly
into your menus to provide you with this extra level of protection. The
timeout is made by means of the ;WAIT keyword of the INPUT command. If a menu
selection is not entered before the wait period elapses then the menu processe
is ended and the user is BYEd off the system. A CIERROR value of 9003 allows
us to check if the selection was made or the wait period elapsed.

To further help you in your quest to improve your menus, a number of example
template menus and pre-defined example menus are included on your system in
the VECSL account. The template menus are called SECMENUA,D,F,G. A file
called ESCAPES is also included in the VECSL account. This file contains a
full list of escape codes for changing the attributes of text, HP line drawing
codes and even a code to produce a beep. With the enhancements documented you
can give your menus a whole new lease of life!

--------------------------------------------------------------------------------
Figure 1. - Fkey Selection

*START
SETVAR ESC CHR(27)
*CAPTION LISTF
LISTF @.PUB.VESOFT
INPUT ANS,"Press [RETURN] to continue."
*ENTERSELECTION
ECHO ![ESC + "&f2a1k16d1L   F1   CHOICE 11"] ![ESC + "A"]
ECHO ![ESC + "&jB"] ![ESC + "A"]
INPUT VEMENUSELECTION, "Press F1 or E :"

Figure 2. - Menu Boxes

*START
SETVAR ESC CHR(27)
SETVAR GON CHR(14)
SETVAR GOF CHR(15)
*HEADER {TERMPOS(0,0)} {TERMCLEAR()} {GON}R,,,,,,,,,T{GOF}
*HEADER {GON}.         .{GOF}
*HEADER {GON}F,,,,,,,,,G{GOF}
*CAPTIONL {TERMPOS(1,2)} {GOF}1.LISTF{GON}
LISTF @.PUB.VESOFT
INPUT ANS,"Press [RETURN] to continue."

Figure 3. - Visual Switches

*START
SETVAR ESC CHR(27)
SETVAR FX0 ESC + "&d@"
SETVAR FX1 ESC + "&dH"
*IF HPUSER = "MANAGER" THEN
*CAPTION LISTF
LISTF @.PUB.VESOFT
INPUT ANS,"Press [RETURN] to continue."
*ELSE
*CAPTION {FX1}LISTF{FX0}
ECHO Error: You must be MANAGER to do this option
INPUT ANS,"Press [RETURN] to continue."
*ENDIF

Figure 4. - Menu Timeout

*START
SETVAR ESC CHR(27)
*CAPTION LISTF
LISTF @.PUB.VESOFT
INPUT ANS,"Press [RETURN] to continue."
*ENTERSELECTION
ECHO ![ESC + "&f2a1k16d1L   F1   CHOICE 11"] ![ESC + "A"]
ECHO ![ESC + "&jB"] ![ESC + "A"]
ERRCLEAR
NOMSG INPUT VEMENUSELECTION,"Press F1 or E :";WAIT=30
IF CIERROR = 9003 THEN
 ECHO
 ECHO Menu inactive. Logging out.
 END
ENDIF