Pointers to Security Data
When the user is successfully signed on, a signon control block (SON) is constructed. User authority data is brought into memory and linked to the SON, as shown in the following illustration:
┌─────────────┐ ┌───────────────────────────┐ │ USER SON ├─────────► USER-GROUP LIST │ └──────────┬─┬┘ └───────────────────────────┘ │ │ │ └─────────────────────────┐ ┌──────────────────┐ │ ┌──────────────────┐ │ ┌┴─────────────────┐│ └─────► caTEGORY BIT MAP │ │ ┌┴─────────────────┐├┘ └──────────────────┘ └───► ACTIVITY BIT MAP ├┘ └──────────────────┘
When Data is Linked to the SON
The following table shows when the various security data are brought into memory and linked to the SON.
|
Security data |
Brought into memory |
|---|---|
|
User-group list |
During signon |
|
category bit map |
At the first security check which requires categories |
|
Activity bit map |
When the application issues its first activity security check |
Retaining Signon Information
You can specify that CA IDMS should retain signon information originating from external request units (ERUs). In some situations this provides a performance benefit.
To retain ERU signon information, specify SGNRETN=time-interval on the initial #SECRTT macro.
Note: For more information, see #SECRTT.
|
Copyright © 2014 CA.
All rights reserved.
|
|