WebCenter uses a full security exit providing an administrator resource and a user resource. The administrator resource is for systems programmers who administer a region through the 3270 interface. The user resource is for operators who access a region through the web interface to monitor system applications. Unless your site has changed the name of these resources, they are OP$MVS.WEBADMIN and OP$MVS.WEBUSER. You use these resources to configure the user security. The PARMLIB(SXPOW0i) member defines the resource profiles.
The following examples grant USER1 administrator authority and USER2 user authority using different security products.
Example: CA ACF2 for z/OS
To define the security resources and grant users access to a region, issue CA ACF2 for z/OS commands in TSO, for example:
[ACF] SET RESOURCE(FAC) COMPILE * $KEY(OP$MVS) TYPE(FAC) WEBADMIN UID(USER1) SERVICE(READ) ALLOW WEBUSER UID(USER2) SERVICE(READ) ALLOW STORE [END]
Example: CA Top Secret for z/OS
To define the security resources and grant users access to a region, issue CA Top Secret for z/OS commands in TSO, for example:
TSS ADDTO(acid) IBMFAC(OP$MVS) TSS PERMIT(USER1) IBMFAC(OP$MVS.WEBADMIN) TSS PERMIT(USER2) IBMFAC(OP$MVS.WEBUSER)
Example: RACF
To define the security resources and grant users access to a region, issue RACF commands in TSO, for example:
RDEFINE FACILITY OP$MVS.WEBADMIN UACC(NONE) RDEFINE FACILITY OP$MVS.WEBUSER UACC(NONE) SETROPTS RACLIST(FACILITY) REFRESH PERMIT OP$MVS.WEBADMIN CLASS(FACILITY) ID(USER1) PERMIT OP$MVS.WEBUSER CLASS(FACILITY) ID(USER2)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|