The Event Management server maintains a secure environment by authenticating users as they connect to the system, verifying that individual users are permitted to access sensitive functions, and supporting delegation. All transactions that are triggered on the mainframe automatically inherit the security context of the individual signed‑on user, rather than the server. The Event Management server implements these security interfaces by integrating with your external security product. CA ACF2, CA Top Secret, and IBM RACF are all fully supported.
To perform its security functions, the Event Management server requires specific security permissions that can vary depending on which security product you have, the release of z/OS you run, and the details of the security policy you have in effect.
Create a security account for the Java and Web servers with these attributes:
In addition, all of the Event Management executable programs and DLL libraries must be marked as program‑controlled, and certain executable programs must also be marked as APF‑authorized. If you install Event Management into zFS directories, the installation process marks the appropriate files using the UNIX extattr command. The RACF users installing into PDSE libraries also mark all of the Event Management modules and libraries as PADS‑protected.
See the documentation for your security product for details about how to implement these functions.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|