|
|
|
Select the CA XCOM Data Transport SAF Interface by specifying SECURITY=SAF in the CA XCOM Data Transport Default Options Table, or specify SAF by overriding the SECURITY parameter on the CA XCOM Data Transport EXEC statement on the CA XCOM Data Transport server (XCOMXFER) JCL.
When using SECURITY=ACF2|TOPS|RACF, the CA XCOM Data Transport server runs under its own ACEE and the security checks are done using the specified external security package.
With the CA XCOM Data Transport SAF Interface , the transfer runs under one of the following ACEEs:
The ACEE is built using the IBM BPX1SEC callable service which invokes whichever external security package is in control of the CA XCOM Data Transport Server address space. This eliminates the need to give the CA XCOM Data Transport server READ/WRITE/UPDATE access to all data sets that are to be transferred using this server, as long as the user whose ACEE is used for a particular transfer has the proper accesses to the resources.
Because SECURITY=SAF is used only for the actual transfer process, it should not be used with the CA XCOM Data Transport XCOMPLEX Admin Server (XCOMXADM).
The use of the IBM BPX1SEC callable service has the following requirements:
The following example show the CA Top Secret commands necessary to grant proper access.
Note: If you have SECURITY=ACF2 or SECURITY=RACF, see your CA ACF2 or IBM RACF documentation as required.
To grant access to the BPX.SERVER
Issue the following CA Top Secret command:
TSS PER(xxxxxxxx) IBMFAC(BPX.DAEMON) ACC(READ)
The ACEE of the CA XCOM Data Transport Server.
| Copyright © 2012 CA. All rights reserved. |
|