Determine the Web Services Security Requirements for MODHLI Data Sets

How to Enable Web Services › How to Configure CA Endevor SCM for Web Services › Determine the Web Services Security Requirements for MODHLI Data Sets

Determine the Web Services Security Requirements for MODHLI Data Sets

To enable client programs to access the API, your security administrator may need to enable user access to MODHLI data sets. The CA Endevor SCM administrator must determine the security requirements for MODHLI data sets.

Follow these steps:

View your C1DEFLTS table, to see if a MODHLI value is coded in the TYPE=MAIN section of the table.
- If the MODHLI value is coded, your security administrator must grant all user IDs access to all data sets with the MODHLI high-level qualifier (HLQ). This requirement applies to access under all security products including RACF, CA Top Secret, or CA ACF2.
  The reason for this requirement is as follows. For a client program to access the API, the user ID sent to CAICCI to spawn the pool STCs and the user IDs that issue requests to Web Services must have read/write access to these data sets. To enable this, the MODHLI parameter causes the data set names to be built with this format:
```
modhli.Dyyddd.Thhmmss.STCnnnnn.ddname
```
  STCnnnnn, ddname
  
  The job ID and ddname that is the unique qualifier for one of the nine API related files (APIMSGS, C1MSGS1, and so on).
- If a MODLHI value is not coded, then security is not affected, because the temporary data sets names are built by the operating system with the standard temporary data set HLQ in the following format: SYSyyddd.Thhmmss.RA000.jobname.nnnnnn
Tell your security administrator to grant all user IDs access to all data sets with the MODHLI high-level qualifier (HLQ), if the MODHLI value is coded in C1DEFLTS.