Use the APPL keyword to protected online applications that interface with CA Top Secret through the z/OS System Authorization Facility (SAF). You can use this keyword to identify the application name of the LU to which a conversation request can be sent to secure APPC conversations.
Applications must first be owned before being authorized. Use a TSS CREATE/ADDTO APPLICATION entry then use a TSS PERMIT APPLICATION entry to specify authorizations.
Example: protect an application
This example adds the PAYP application to DEPT01:
TSS ADDTO(DEPT01) APPLICATION(PAYP)
The APPLICATION keyword identifies this resource class in the RDT.
For the IMS batch message processing regions (BMP) and message processing regions (MPP), use its Application Group Name (AGN) as the APPLICATION keyword's operand.
CA Top Secret will not remove ownership unless all permissions are revoked.
To remove ownership of an application
TSS REVOKE(USER01) APPLICATION(PAYP)
TSS REMOVE(DEPT01P) APPLICATION(PAYP)
Application ownership can be designated using generic prefixes. Once a prefix is owned, any application beginning with that prefix is protected and must be permitted to other ACIDs.
Example: generic prefixing
This example gives ownership of applications that begin with the prefix PAY to the ACID PAYDEPT:
TSS ADDTO(PAYDEPT) APPLICATION(PAY)
Applications cannot be restricted using access levels or the program pathing option. Use the TSS PERMIT command function to let designated users access the indicated applications in an unlimited or a restricted manner.
Example: authorize access
This example allows USER01 to use the application PAYP through the batch facility:
TSS PERMIT(USER01) APPLICATION(PAYP)
FACILITY(BATCH)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|