Web Services › How to Enable Security Access to Web Services › Security Software Customization for Web Services › Configure CA ACF2

Configure CA ACF2

If your site uses CA ACF2, you must configure CA ACF2 so that all authorized users can initiate WSEWSSTC correctly as a started task. To configure CA ACF2, you create an STC login, verify that the dataset access is correct, and define a resource class. This section is only a sample of how your site can set up security. For more information about setting up started task security, see your CA ACF2 documentation or contact Technical Support for CA ACF2.

To configure CA ACF2

1. Create an STC logon ID named ENDEVOR for the WSEWSSTC started task by entering the following commands:

   ACF
   INSERT ENDEVOR NAME(ENDEVOR) STC
   

2. Verify that the ENDEVOR logon ID is defined with site-specific logon ID fields such as those fields used to create the UID string.

   Note: For instructions to create CA ACF2 logon ID records, see the CA ACF2 Administration Guide.

3. Verify that the ENDEVOR logon ID has access to all required datasets by writing CA ACF2 ACCESS rules for the logon ID.

   Note: For instructions to write these rules, see the CA ACF2 Administration Guide.

4. Define a resource class called FACILITY and assign a resource type code of FAC. Perform these steps to do so:
   1. Enter the following commands to create the CLASMAP record for the

      FACILITY resource class:
      ACF
      SET CONTROL(GSO)
      INSERT CLASMAP.FAC RESOURCE(FACILITY) RSRCTYP(FAC)
      

   2. Enter the following commands to add the FAC resource type code to the CA-ACF2 GSO INFODIR record:

      SET CONTROL(GSO)
      CHANGE INFODIR TYPES(R-RFAC)
      

   3. Do one of the following to activate the CLASMAP and the INFODIR record change:
      • Restart the CA-ACF2 address space.
      • Enter the following commands:

            F ACF2,REFRESH(CLASMAP)
            F ACF2,REFRESH(INFODIR)
        

   Note: For more information about maintaining CA-ACF2 GSO records, see the CA ACF2 Administration Guide.

5. Create a FACILITY resource rule record called ENDEVOR and grant users access to this resource by issuing the following commands:

   ACF
   SET RESOURCE(FAC)
   COMPILE */pds.name
   $KEY(ENDEVOR) TYPE(FAC)
   UID(user1 uid string) ALLOW
   UID(user2 uid string) ALLOW
   .......
   STORE
   

6. Enter the following command to rebuild the FAC directory:

   F ACF2,REBUILD(FAC)
   

   Note: For instructions to write CA ACF2 resource rules, see the CA ACF2

   Administration Guide.