IBM GC28-1920-01 manual Service, Changes to the Class Descriptor Table, Programming Interfaces

Page 77
New Application Authorization

For more information on the convert_id_np (BPX1CID) callableOS/390service, s OpenEdition Programming: Assembler Callable Services Reference. The C

language support for the __convert_id_np() OS/390is discussedR2 C/C++ in Run-Time Library Reference

New Application Authorization

Service

 

 

 

 

 

 

 

 

 

 

 

A DCE application server on OS/390 can

use

DCE

security

services

for

a

control to resources that

are owned

by

the

application

server. As

a

the application developer can use

RACF

for

access

control

for

the

se

that are managed by the application server.

 

 

 

 

 

 

Consider

that application

servers

that

use

 

DCE

services

exclusively

on

the most portable to platforms that support

DCE. If

portability

is

no

concern and the application developer wishes to centralize access co

information in RACF, the application

developer

can consider

using

the

 

auth_check_resource_np service.

 

 

 

 

 

 

 

 

 

 

Through OS/390 OpenEdition MVS, a new a callable service

auth_check_resource_np (BPX1ACK) enables application servers to invoke R authorization services. This callable service is also supported by th library through the __check_resource_auth_np() function call. This ser application servers to perform authorization requests for resources t to RACF general resource classes.

For more information on the auth_check_resource_np callableOS/390service, s OpenEdition Programming: Assembler Callable Services Reference.

Changes to the Class Descriptor Table

The maximum length of profile names has changed for the following clas

ŸINFOMAN

ŸGINFOMAN

ŸJCICSJCT

ŸKCICSJCT

This change might require changes to customer code which uses these

ŸRACROUTE REQUEST=FASTAUTH

Ÿ RACROUTE

REQUEST=AUTH,

DEFINE, or EXTRACT, if the ENTITY keyword

is used

instead of

ENTITYX

IBM products should not need changes, because their usage of these compatible with this change.

Programming Interfaces

For a summary of changes to the programming interfaces for RACF for Release 2, see:

Ÿ “Class Descriptor Table (CDT)” on page 13

Ÿ “Data Areas” on page 16

Ÿ “Exits” on page 16

Chapter 10. Application Development Considerations53

Image 77
Contents Place graphic in this area. Outline is keyline only. DO NOT PRINT Security Server RACF Planning Installation and MigrationOS/390 Page OS/390 1996. All Second Edition, SeptemberPage Page Migration ContentsAuditing Considerations Administration ConsiderationsCustomization Considerations Index Operational ConsiderationsChapter 10. ApplicationPage Figures Page Notices Trademarks About This Book How to Use ThisWho Should Use This Book xiiiSoftcopy Publications Where to Find More InformationŸ The OS/390 Security Server RACF Information , PackageSK2T-2180 ServerElements of Security RACF Installation - Student GG24-3971Notes Administration, H3927Using the Ÿ Tutorial Options for Tuning GG22RACFIBM Discussion Areas Other Sources of InformationInternet Sources listserv@uga.cc.uga.eduTo Request Copies of PublicationsFeatures OS/390xviii Product ServiceŸ OpenEditionOSA/SF V2R5TSO/EPage Summary of Changes Page Migration Migration Planning ConsiderationsChapter 1. Planning Customization Considerations Installation ConsiderationsAdministration Considerations Operational Considerations Auditing ConsiderationsApplication Development Considerations General User ConsiderationsPage New and Enhanced Support Chapter 2. Release Overviewidentifies OS/390 OpenEdition DCEfunction introduced in OS/390 ReleaseCheck ConceptsAuditing the Passing of Access Rights Authorizing and Auditing Server Access to the CCS and WLM ServicesOS/390 OpenEdition SOMobjects for MVSRRSF Network Multisystem Nodesnon-main systemsTARGET OS/390 Enable and Disable FunctionsYear 1.10 NetViewclasses Facilityupdated for Function Not Upgradedidentifies function thatRelease Components for3. Summary of Class Descriptor Table CDTlists classes Commandswhich thereChapter 3. Summary of Changes to RACF Components for OS/390 15Release CommandExits Data Areaslists changed general-use programming interface GUPI data areMessages MacrosFigure 12 lists changes RACF macrosChanged Messages New MessagesMessages RACF Database Split/Merge Utility IRRUT400Publications Library PanelsRoutines Figure 13 lists RACF panels that areTemplates SYS1.SAMPLIBFigure 16 identifies changes to RACF members of SYS1.SAMPLIB RACROUTE REQUEST=EXTRACTTemplate UtilitiesFigure 18 lists changes to RACF utilities for OS/390 Release 0280 UtilityRACF Planning Installation and Migrationfor RACF OS/390 Security Server RACF Planning Installation and forMigrationChapter 4. Planning Considerations Migration StrategyHardware Requirements RACF Planning Installation and Migrationfor RACF 2.1, andSoftware Requirements RACF Migration and Planning for RACFRequirements CompatibilityCompatibility Considerations for Remote Sharing Page Enabling RACF Chapter 5. Installation ConsiderationsConsiderations Networksconfigured installationare in your existing workspace data sets when you install multisystem Rmust Chapter 5. Installation Considerations29nodename prefixsysname local-luprefix.local-node.local-node .INMSG Virtual Storage RACF Storage ConsiderationsThis section discusses storage considerations for RACF Figure 21 estimates RACF virtual storage usage, for planning purposesSubpool Customer Additions to the CDTOS/390 Release Templates for RACF oninformation, OS/390see Security Server SystemExit Processing Chapter 6. Customization Considerationsand IRRSXT00 Effects of OS/390 OpenEdition DCERACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01 IRRSXT00 Installation ExitServer RACF Security Administrators. Guide Chapter 7. Administration ConsiderationsCross-Linking Between RACF Users signonActivating DCEUUIDS ClassSignon to the DCE Encryption Key single signon restrictionsOpenEditionsee DCE Administration .GuideOS/390 OpenEdition DCE Application Considerations Threads and OpenEdition Planning, and inOS/390 OpenEdition Programming AssemblerLibrary Reference callable servicepthread orsecuritynp Changes to RACF Authorization ProcessingRestrictions Enhancements to the Rdceruid Callable ServiceUtility SYSMVIEW Chapter 7. Administration Considerations43Page SMF Records Chapter 8. Auditing ConsiderationsAuditors Guide and OS/390 Server RACF MacrosInterfaces ServicesAuditing New OS/390 Auditing SystemView for MVS Support Auditing OS/390 OpenEdition DCE SupportReport Writer SMF Data Unload UtilityPage OS/390 Security Server RACF Command Language Referencefor more CommandChapter 9. Operational Considerations Enabling and DisablingPage 2000 Support Chapter 10. Application Development ConsiderationsServers 01yydddFpthread the securitynp New Application Services and SecurityNew Application Authorization ServiceChanges to the Class Descriptor Table Programming InterfacesŸ “Routines” on page Ÿ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on pageConsiderations Chapter 11. General UserOpenEdition Reference forPage APAR OW14451 Chapter 12. NJE ConsiderationsOW08457 After Applying the PTFOW08457 Actions RequiredUACC NODESFAILSAFE APAR OW15408GROUP Page Migrating an Existing Chapter 13. ScenariosNodes RRSFOn MIAMI2 prefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVEprefixTARGET NODEORLANDO DELETE prefixTARGET NODEMIAMI2 DELETEDELETE RACF DiagnosisOn ORLANDO Note The prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACEdirection Glossaryaccess Page programming Seegeneral-use programmingSeeinventory Seemultisystem Seelogicallogical supervisory other.single-systemtask segment andDFP classes continued Index Acontinued Page KEYSMSTR SERVERSFSCMD utilitiescontinued Page Edition OS/390 Security Server RACF Information IBM Now you can! TheIBM Online Library Productivity Page Page comments Communicating Your Comments to IBMOS/390 Security Server RACF Planning Installation and Migration Readers Comments - Wed Like to Hear from YouPublication No. GC28-1920-01 Note CopiesREPLY MAILBUSINESS IBMPage GC28-192ð-ð1 IBMDrop in Back Cover Image Here