question

Upvotes
Accepted
185 6 12 25

PE list is empty still CBE check succeeding

tutorial5-TSCO.txt

Hello, we are using RFA 8.1 C++ api and Open DACS Api's to consume market data. We were testing DAC set up with one of our mutual client. For a certain DAC user who was not entitled for London Stock Exchange, we were receiving permission data in Refresh message. We used sample application provided with DACS api "OpenDac-C++-tutorials - Tutorial5" to test CBE entitlement result. As you can see in attached logs and screenshot, CBE check was succeeding.

As you can see in attached screenshot[marked in yellow], PE list was empty. Our questions is how CBE check is marked as succeeding even when PE list was empty? Is tutorial code incorrect or incomplete?


1687151332095.png


rfa#productrfa-apiDACSopen-dacs
1687151332095.png (55.5 KiB)
tutorial5-tsco.txt (10.6 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Accepted
78.6k 248 52 74

@mktdata

Thanks for reaching out to us.

If you call the AuthorizationAgent::checkSubscription() method without specifying an AuthorizationLockData (DACS Lock), it is a subject-based entitlement (SBE) check. It will return "succeeded" if the SBE is not enabled on the service.

To perform the CBE checks, you need to pass an AuthorizationLockData (DACS Lock) when calling the AuthorizationAgent::checkSubscription() method.

I hope that this information is of help.



icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@Jirapongse , Can you check screen shot from sample application provided with DACS api "OpenDac-C++-tutorials - Tutorial5" below and let us know if it is correct?

In below code, when DACS lock is decoded[yellow mark in screen shot], it shows there is no PE code in it. Still CBE check succeeds.



Caller of "checkSubCBE" :-


Implementation of "checkSubCBE" :-

1687163113730.png



1687162972977.png (20.0 KiB)
1687163113730.png (54.5 KiB)
Upvotes
78.6k 248 52 74

@mktdata

Yes, if the DACS lock contains only the service ID and the service ID is valid, the API will return allowed.

1687251672290.png

However, if the DACS Lock contains a PE (258) and the user is not allowed to get data from that PE, the access will be denied.

1687251712590.png



1687251672290.png (164.0 KiB)
1687251712590.png (170.9 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.