Essential to the Security System
The SRTT is the essential foundation of the CA IDMS security system because a resource is unsecured unless security for it is specified in the SRTT.
To secure a resource externally, you must include information in the SRTT that identifies the resource to the external system. This information must include an external resource class and an external resource name.
For external security, you do not need to create any resource definitions within CA IDMS itself.
SRTT Entries for External Enforcement
You maintain the following information in the SRTT about resources that are secured externally:
Certain keywords are reserved for resource types defined by CA IDMS. You can specify any one- to four-character keyword to define your own resource type as long as the meaning of and rules for the resource type are defined in your external system.
Note: For keywords reserved by CA IDMS, see #SECRTT.
Specifying External Resource Class and Name
An external security check on a resource occurrence depends upon an external resource class and external resource name supplied on the entry for the resource type in the SRTT. External resource classes and names specified on occurrence overrides are ignored by the runtime system.
Therefore, you must create an SRTT entry with the external resource class and name for a resource type whether you are securing all occurrences of the resource type externally or only some occurrences.
In the following example, an SRTT entry for tasks is created even though the specified security option is 'OFF'. The purpose of the entry is to provide information needed to perform an external security check on the OPER task, for which external security is specified in the occurrence override that follows.
#SECRTT TYPE=ENTRY, X
RESTYPE=TASK, X
SECBY=OFF, X
EXTNAME=(RESTYPE,RESNAME) X
EXTCLS='IDMSTASK'
#SECRTT TYPE=OCCUR, X
RESTYPE=TASK, X
RESNAME='OPER', X
SECBY=EXT
|
Copyright © 2014 CA.
All rights reserved.
|
|