In this example, the user only has permission to execute the EXEC CICS SPOOLOPEN INPUT commands:
TSS ADDTO(deptacid) SPI(JESSPOOL)
TSS PERMIT(acidname) SPI(JESSPOOL)
ACCESS(SET)
In this example, the user only has permission to execute the EXEC CICS SPOOLOPEN INPUT commands:
TSS ADDTO(deptacid) SPI(JESSPOOL)
TSS PERMIT(acidname) SPI(JESSPOOL)
ACCESS(SET)
To have CA Top Secret spool protection and protect the userid in a particular CICS facility, define them as ABSTRACT resources as shown in the following examples.
Using the commands shown next, the user only has permission to execute the EXEC CICS SPOOLOPEN INPUT USERID commands.
TSS ADDTO(deptacid) ABSTRACT(ext writer name)
TSS PERMIT(acidname) ABSTRACT(ext writer name)
EXEC CICS SPOOLOPEN OUTPUT USERID(userid)
In this example, the user only has permission to execute the EXEC CICS SPOOLOPEN OUTPUT USERID commands.
TSS ADDTO(deptacid) ABSTRACT(userid)
TSS PERMIT(acidname) ABSTRACT(userid)
The EXEC CICS QUERY SECURITY command and its functions are fully supported by CICS. See the IBM CICS Application Programmers Reference and CICS/ESA CICS‑RACF Security Guide for more information.
Note: The QUERY SECURITY command as provided by IBM allows a limited number of access levels to be checked which do not always correspond to all access levels supported by CA Top Secret. However, the CA Top Secret application interface supports all access levels.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|