External Security Specifications
In each SRTT entry that specifies external security, you define the format of the resource name that will be routed to the external security system in a security check. At runtime, the central security interface uses this information to map the IDMS internal resource name to the external resource name before routing the request for a security check to the external system.
Standard Security Interface
CA IDMS centralized security uses IBM’s System Authorization Facility (SAF) as the interface to external security systems. On a security check, IDMS centralized security issues RACROUTE calls providing the names of resource type and resource occurrence being checked and the keyword that equates to the authority needed.
Security Definitions
You do not need a user catalog if you plan to protect all CA IDMS resources with an external system. All required definitions would reside in the external security system. The one requirement within CA IDMS would be to build the SRTT with external security specifications for all secured resources.
However, user definitions and user profile definitions are accessed during signon processing if they exist, regardless of how signon is secured. Therefore, you may wish to use the user catalog even if all security checks are routed to the external system. For more information about profiles in signon processing, see Securing User Profiles.
|
Copyright © 2014 CA.
All rights reserved.
|
|