Print Page as PDF
INVOKE DUZ-XUP Non-HL7 ICR (7487)

INVOKE DUZ-XUP Non-HL7    ICR (7487)

Name Value
NUMBER 7487
IA # 7487
DATE CREATED 2024/08/19
CUSTODIAL PACKAGE KERNEL
USAGE Private
TYPE Routine
DBIC APPROVAL STATUS APPROVED
ROUTINE XUP
NAME INVOKE DUZ-XUP Non-HL7
GENERAL DESCRIPTION 
Temporary solution for Scheduling application, as there
exists a gap in the RPC Broker and VistALink that cannot meet Scheduling
needs. A POAM has been created to track this risk.

RISK: The risk being that Kernel is not part of the validation of user
credentials when changing the identity of the user when invoking DUZ-XUP.

GAP: The gap is the need for Scheduling to share a single connection session,
initially owned by an approved IAM Service account (non-person, Remote
Application), with different Scheduling users (persons), by being able to
change both the user and the Broker context.
STATUS Active
KEYWORDS
  • AUTHENTICATION
  • AUTHORIZATION
DURATION Till Otherwise Agreed
ID XUP
COMPONENT/ENTRY POINT
COMPONENT/ENTRY POINT VARIABLES
DUZ(IEN)
VARIABLES TYPE VARIABLES DESCRIPTION
IEN Input 
The required input parameter to DUZ^XUP(IEN) is the
internal entry number into file 200.  This is the user IEN of the user that
you want to set the DUZ value and DUZ array to.
DUZ Output 
This procedure returns variable DUZ equal to the
input parameter.  Also, components of the DUZ array are set-up as well.
SUBSCRIBING PACKAGE
SUBSCRIBING PACKAGE SUBSCRIBING DETAILS
SCHEDULING 
See the main description.  Effective with patch
SD*5.3*886. Scheduling receives RPCs requests from front end applications that
pass these requests through Acheron (middle tier) which directs the RPC call
to the appropriate VistA system. Acheron is validated by its Remote
Application Entry which sets the VistA DUZ array equal to this Remote
Application Entry. For auditing purposes, Acheron also sends in the DUZ of the
authenticated user from the front end application who is triggering the RPC
request. Scheduling needs to reset the local DUZ array equal to the previously
authenticated front end user so that the updated records in the Scheduling
files will reflect the actual user who made the updates as opposed to the
Remote Application Entry for Acheron.
DATE ACTIVATED 2025/03/19