Database Resources
The security option in the SRTT for the DB resource type determines whether database resources other than DMCLs and database name tables (DBTB) are secured externally, internally, or not at all.
SRTT entries for resource types other than DB, DMCL, and DBTB are used in runtime security processing only if security for DB is external; in that case, the SRTT entry is used only to determine the external resource class and resource name to send with the security check request to the external system.
The following table lists CA IDMS database resources and their keyword equivalents for the #SECRTT RESTYPE parameter:
|
Database resource |
RESTYPE keyword to secure resource |
RESTYPE keyword for external information |
|---|---|---|
|
Database |
DB |
DB |
|
DBADMIN privilege |
DB |
Not applicable |
|
Access module |
DB |
DACC |
|
Area |
DB |
AREA |
|
Run unit |
DB |
NRU |
|
SQL-defined schema |
DB |
QSCH |
|
Non-SQL-defined schema |
DB |
NSCH |
|
Table |
DB |
TABL |
|
Database name table |
DBTB |
DBTB |
|
DMCL |
DMCL |
DMCL |
DB Occurrence Overrides
You can specify DB occurrence overrides in the SRTT. For example, if security for databases is off but you add an internal security occurrence override for database PROD, the runtime system will route a security check on a database resource to internal security if the database name on the current security request begins with 'PROD'.
You cannot override the automatic assignment of the DB security option to the other database resources. For example, if security for DB is off, security for the AREA resource type is also off and the security option specified on the SRTT entry for AREA is ignored. However, external resource class and name information in an SRTT entry for a database resource type such as AREA is used if external security is specified on the entry for DB or on a DB occurrence override.
|
Copyright © 2014 CA.
All rights reserved.
|
|