CA WA CA 7 Edition command security includes security for top line commands, panel access, and functions within a panel. All commands have a unique resource name that can be secured using the CA Top Secret PERMIT command. This permits or authorizes users to access a given command.
The same is true for panels in CA WA CA 7 Edition. Panels have a unique panel-ID that can be specified under CA Top Secret as a resource name to restrict access to CA WA CA 7 Edition applications. Permitting access to a resource does not grant full functional authority for a given command or panel. Each panel can require an additional access level to have the authority for a function. The ACCESS keyword on PERMIT commands is used to grant additional authority levels for resources. The valid Access levels for CA Top Secret are READ, CREATE, SCRATCH, UPDATE, and CONTROL.
For a list of CA WA CA 7 Edition commands and panels and their associated resource names, see Security Tables.
The following examples illustrate the use of the CA Top Secret PERMIT command to authorize access to CA WA CA 7 Edition commands and panels.
Note: When defining access to command and panel resources for CA WA CA 7 Edition, the resource type must be PANEL. This is the resource type used during security calls to external security.
This command has the following format:
TSS PERMIT(CA7USER) PANEL(L2DB1)
Specifies the CA Top Secret command used to authorize access to a resource.
Specifies the user ACID to receive READ access to panel resource L2DB1.
Specifies the resource type followed by the resource name to which this command applies. The L2DB1 is the resource name associated with the DB.1 panel in CA WA CA 7 Edition. If you have specified a resource type other than PANEL (see the SECURITY statement PCLASS keyword), substitute that value for PANEL.
Note: The default access granted in the example PERMIT command shown previously is READ.
This command has the following format:
TSS PERMIT(CA7USER) PANEL(L2DB1) +
ACCESS(READ,CREATE,SCRATCH,UPDATE,CONTROL)
Specifies the CA Top Secret command used to grant access to a resource.
Specifies the user ACID to receive access to panel resource L2DB1.
Specifies the resource type followed by the resource name to which this command applies. The L2DB1 is the resource name associated with the DB.1 panel in CA WA CA 7 Edition.
Specifies the CA Top Secret keyword used to indicate specific access to a resource.
Grants READ access only to the indicated resource.
Grants creation authority to the indicated resource.
Grants scratch authority to the indicated resource.
Grants update authority to the indicated resource.
Lets you specify certain controlled accesses such as a time of day. For more information about the CONTROL parameter, see the CA Top Secret Command Options Guide (for z/OS).
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|