In the "plugins" directory on the client machine, (i.e. the directory containing "NPacu32.dll"), there is an authorization file called "acuauth.txt". It contains one line that specifies a list of directories where COBOL programs may create or delete files and subdirectories. FILE-PREFIX is initially set to this list. This overrides any FILE-PREFIX setting that you have in the configuration file included with your object library. The COBOL program may use ACCEPT FROM ENVIRONMENT to get the initial value of FILE-PREFIX and add to it or reset it. APPLY-FILE-PREFIX may come in handy for existing programs.
The default "acuauth.txt" file contains the path to a temporary directory. This allows applications that create local temporary files to work immediately. If a COBOL application requires access to other directories or disks on the user's machine, it should instruct the user to add those directories to the "acuauth.txt" file. For example, if an application receives file status "37,07" (access denied) when trying to open a file on the local machine, it can display a message to the user indicating the problem and instruct the user to add the directory to the end of the first line of the "acuauth.txt" file. Note that all files and folders of the directories in this file become accessible.
By default, COBOL programs that are run using the plug-in are not allowed to call the following library routines: C$CHAIN, C$MEMCPY, C$RUN, M$ALLOC, M$FREE, M$GET, M$PUT, C$SYSTEM, REG-CREATE-KEY, REG-CREATE-KEY-EX, REG-DELETE-KEY, REG-DELETE-VALUE, REG-SET-VALUE, REG-SET-VALUE-EX, and SYSTEM. Calling any of these routines results in a failure. If the CALL statement has no EXCEPTION phrase, the plug-in displays the message "call_name: Access denied", where 'call_name' is the name of the library routine and where 'call_name' terminates the COBOL program. C$CALLERR returns error code 23 if access was denied for the previous CALL.
If you want to allow programs executed by the plug-in to call a library routine that is normally disallowed, you should instruct your users to add a line to the "acuauth.txt" file containing the name of the routine. In addition, if you want to allow programs executed by the plug-in to call DLLs, instruct your users to add a line containing the word "DLL."
To minimize the amount of work required by users, we recommend that you write your application in such a way that resources are always accessed remotely (using AcuConnect and AcuServer). If your application requires access to local resources or local network resources, then your users will have to edit the plug-in authorization file accordingly.