If SECLVL is greater than 0, the Security Facility checks to see that the PERSON entity-occurrence is related to at least one and no more than two AUTHORIZATION entity-occurrences beginning with $DD-.
If there are two, one of them must be $DD-SEC-ADM. This is a special authorization for the CA Datacom Datadictionary Security Administrator. The $DD-SEC-ADM AUTHORIZATION entity-occurrence cannot be deleted or modified and must always be related to at least one PERSON entity-occurrence.
All other AUTHORIZATION entity-occurrences beginning with $DD- are user-defined, with the exception of $DD-ADM, $DD-COP, $DD-UPD, and $DD-DIS. These are maintained for compatibility with earlier versions.
AUTHORIZATION entity-occurrences are related to one or more special SYSTEM entity-occurrences or one or more TABLE entity-occurrences in PROD status with a DD-ENTITY-TABLE attribute-value of Y. These relationships determine what facilities the user is authorized to use and which entity-types can be accessed. In addition, for the entity-types, the functions that can be performed and the statuses accessible are defined by these relationships.
Note: The CA Datacom Datadictionary Security Facility does not read all of this information at execution time. It reads the condensed information from the CA Datacom Datadictionary High-Speed Directory (HSD). This HSD member is the "cataloged" profile.
|
Copyright © 2014 CA.
All rights reserved.
|
|