Mar 1 ’06
Why Session Managers Still Matter
It wasn’t long ago that IT staff needed to repeatedly logon and logoff a single non-programmable terminal to access different applications. It wasn’t unusual, either, to find two or more terminals in a developer’s office, each with the ubiquitous “Far Side” cartoon attached. By the early ’80s, a software solution emerged to address that inconvenience. Homegrown “session switchers” did little more than permit toggling between active host applications. Typically, there was no interface and no ability to communicate between applications; nonetheless, the switchers measurably improved productivity.
The second generation of host session managers was more overt. Users logged on or were otherwise connected to an interface that presented an application list. From there, applications could be launched and logons could be navigated using basic session management scripts. Second-generation session managers had primitive menu displays with hard-coded session values, cryptic PF-key sequence controls, and took little advantage of available host graphical capability.
As more organizations adopted session managers as their host “portals,” these tools took on mission-critical status. What was originally developed as a productivity tool for programmers was now the enterprise interface—the point through which users accessed all applications. Increased dependency and workload drove much of the innovation still used today.
With today’s stable third-generation session managers, green-screen background application sessions can be navigated to transparently perform routine functions or to interact with each other while a user interacts with a new interface. New applications can be easily developed, too. Aesthetically pleasing use of color and Graphical User Interface (GUI) functions were introduced with these session managers; they exploited the APL character set and subscribed to IBM’s Systems Application Architecture Common User Access (SAA/CUA) guidelines (see Figure 1). Animation was even possible.
A decade had passed and, while session manager technology grew more reliably stable, interesting things occurred elsewhere in the industry: The mainframe had died, was reborn, and according to a landmark Datamation cover depicting Tony Bennett singing alongside an S/390, the mainframe was deemed “cool.”
Through it all, a commitment to the “Big Iron” has persisted. Most recently, IBM’s Mainframe Charter, “a framework for planned future investment with the goal of delivering ongoing value to mainframe customers,” provides clarity to those organizations that may have otherwise held a cautious position.
Today, if an enterprise has zSeries hardware, they’re probably using a session manager to manage access to their host applications. But whether these venerable tools are used solely for centralized access or are more creatively exploited, they’re still critical to an organization’s success.
Traditional Session Manager Functionality
A session manager’s most fundamental attribute is its ability to permit users to connect from it to multiple applications, toggling between them as necessary. Many sites either LOGAPPL all devices to their host session manager’s entry point APPLID or name that APPLID as the DEFAULTAPPL in their TELNETPARMS. In that way, the mere act of either powering on a non-programmable terminal or launching a TN3270 emulator presents the user with a list of available host applications; a portal to the host, so to speak. Full-function session managers provide more comprehensive portal operation such as first querying the host security system or group-level profile to present only those sessions for which the user has interest or authorization.
Other functions typical session managers provide that are particularly beneficial to organizations include:
- Inbound and outbound datastream compression
- The ability to maintain persistent sessions across device disconnect/reconnects (so-called “portability” to take over active sessions)
- LOGMODE mismatch toleration
- The ability to map the virtual terminals presented to applications to physical terminals or IP addresses of end users.
A particularly useful feature of session managers is their ability to programmatically navigate “virtual sessions”; that is, the sessions they maintain between the address space and the target applications on behalf of users. Most session managers permit users to code (or record) scripts to automatically logon to an application and cleanly log-off from applications. Advanced session managers permit scripts to be launched with a hotkey or trigger to populate fields on a virtual session from either a static file or another application; for instance, an order entry user might automatically query an inventory application simply by invoking a hotkey. Depending on the richness of the session manager, much more is possible.
Features of a Robust Session Manager
The hallmark of zSeries is its resilience. Applications running on that platform should do nothing to compromise reliability. A well-architected session manager supports perhaps thousands of users and tens of thousands of virtual sessions; it runs on multiple MVS Task Control Blocks (TCBs) and minimizes the number of interrupts by, for example, managing its own storage and resource serialization. Because many enterprises distribute the workload across multiple address spaces and Logical Partitions (LPARs) to either load balance or assure higher availability, most session managers are enabled for VTAM generic resource support and provide inter-address space communication.
Serviceability of the host portal is critical. To help with the administration of users, session management products typically offer real-time profile update functionality, often permitting users to be defined to groups, as well, to facilitate managing the logistics of so many users.
Comprehensive solutions also include a help desk-type feature offering capabilities such as user cancel, peek, record/play and conferencing of user sessions, broadcast messaging, user profile reporting, and resource monitoring with the ability to dynamically reconfigure run-time options and update scripts. Additionally, most session managers generate statistical and diagnostic information such as application and internal trace data and response time metrics.
Security features found in robust offerings include:
- Command validation (e.g., controlling which users can issue MVS or VTAM commands through the product, who can shutdown, etc.)
- Inactivity detection and lock screens to prevent unauthorized use of an idle session
- PassTicket support, password encryption, and mixed-case support where a password is maintained by the session manager
- Accounting and auditing metrics (SMF data, report of current and disconnected user activity).
Application integration and development features include:
- Virtual session tools (screen scraping and navigation functions)
- Full scripting syntax with string manipulation
- Arithmetic operations, parameter, and variable support
- PDS, VSAM, and sequential data set access
- Subroutine support.
For those sites not yet using host transformation tools such as IBM WebSphere Host Access Transformation Services (HATS), session managers provide GUI functions such as pop-up windows, pull-down menus, and help systems to add a new face to host applications. “Section 508”-compliant session managers can make host applications more accessible, too. Additionally, National Language Support (NLS) permits sites to localize a host application to better serve users.
Other advanced features often found in best-of-breed session managers include expanded communication (IBM Session Manager, for example, can access TCP/IP applications and CL/ SUPERSESSION provides an LU0 interface), advanced messaging and mail, background session notification, automation interfacing, printer management, specialized CICS or IMS support, an assembler or COBOL interface, and internal reader access.
Not all session managers provide all the functionality described here; organizations should weigh available features based on their own requirements to determine which solution best addresses their needs. Subjective qualities such as product stability, performance, and vendor support also should be evaluated.
Beyond Session Management
Additional value can be realized by leveraging the technology beyond simple multi-session management.
During the infamous Year 2000 crisis, for example, organizations used session manager technology and pivot year logic with the session manager acting as the intermediary to provide a compliant solution to a legacy problem. Others found relief from the subsequent euro crisis using the technology to add a new face to older applications, facilitating triangulation with underlying virtual sessions. In both cases, these quick solutions addressed a problem encountered even today: limited resources, absence of legacy skills, and lost source. Today, users may exploit the same technology to envelope a host application and enable it for the Service-Oriented Architecture (SOA).
Other creative uses include testing and task scheduling. Because they can accept or create thousands of connections, and can perform screen navigation, session managers can be used to simulate application interaction or workload. Because they’re typically continuously available makes them a critical part in an enterprise’s automation and task scheduling strategy. Some session managers have direct interfaces to automation applications; others, themselves, can facilitate this functionality.
Session Managers Still Matter
Through the years and releases, session managers haven’t lost their utility and continue to address critical business imperatives by providing centralized access and host-level security to applications and enterprise data. That relevance is further sustained by IBM’s commitment to the mainframe, which protects enterprise investment in host applications by aspiring to, as IBM’s Richard Szulewski, zSeries Market Strategist, says, “Make zSeries the most stable, most reliable platform on the planet!”
As long as there’s a mainframe, there will be a need for a portal to its resources.