The cross‑reference (XREF) setting lets you define groups of sources or groups of resources for CA‑validation processing. You need to define the sources or resources in a group only once. Then use the group's name whenever you need to specify the same group again.
For example, to let users access a system only through a particular group of terminals, you could define the individual terminals in the group and assign the group a source group name in an XREF source group (X‑SGP) record. You then need to specify only the source group name, rather than each individual terminal, in the SOURCE field of the users' logonid records.
During system entry validation, CA ACF2 for VM matches the group of terminals defined in the X‑SGP record with the source group named in the logonid records to discover which terminals the users are permitted to use to enter the system.
This cross‑reference concept applies to resource grouping too. For example, to let users access only a particular group of transactions, you could define the individual transactions in the group and assign the group a resource group name in an XREF resource group (X‑RGP) record. Then specify the resource group name in the resource rule record key and write only one resource rule for the entire group of transactions. You save yourself the work of writing a rule for each transaction.
During resource access validation, CA ACF2 for VM matches the group of transactions defined in the X‑RGP record with the resource group named in the resource rule to discover which transactions the users are permitted to access.
This chapter describes:
X‑RGP record samples
This section contains the following topics:
Cross-Reference Source Group (X-SGP) Records
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|