Oracle Audio Technologies Oracle Tuxedo manual Security Checking from Unix to Mainframe

Page 30

Security Checking from UNIX to Mainframe

Figure 3-1depicts the process flow for security verifications from TMA TCP for CICS on UNIX to a mainframe.

Figure 3-1 Security Checking for UNIX to Mainframe Transactions

	UNIX
2
	BEA TMA TCP
	Gateway
Tuxedo
Client	1

	Mainframe
3		4
		4
		Application
Handler		Handler
Handler
		5
		Remote
		Server

1.When the TMA TCP gateway client program performs a tpinit(), the user’s Tuxedo identity is validated against the tpusr file.

2.When the client program issues a tpcall() or tpacall(), Tuxedo verifies (against the tpacl file) the user is authorized to invoke the gateway service.

3.When the gateway establishes the initial connection, connection security information (specified as RMTNAME and PASSWORD in the GWICONFIG file) is passed from the TMA TCP gateway to the remote gateway. If the RMTNAME and PASSWORD values match the values configured on the remote gateway, the connection is established.

With each request, the TMA TCP gateway passes the user’s Tuxedo identity to the remote TMA TCP for CICS gateway (to the Handler).

Note: To pass authority checking, the user’s Tuxedo identity must match the mainframe user ID exactly.

4.The remote TMA TCP for CICS gateway Handler initiates an Application Handler to act on behalf of the specified user ID.

3-2	Oracle Tuxedo Mainframe Adapter for TCP CICS User Guide

Image 30

Contents Oracle Tuxedo Mainframe Adapter for TCP Page Contents Understanding How Oracle TMA TCP for Cics Works Configuring and Administering Oracle TMA TCP for Cics Vi OracleTuxedo Mainframe Adapter for TCP Cics User Guide Programming Oracle Tuxedo Mainframe Adapter for TCP Cics Error and Informational Messages Introducing Tuxedo Mainframe Adapter for TCP Cics What You Need to KnowOracle TMA TCP for Cics Architecture Oracle TMA TCP FunctionalityDomains-based Gateway Connectivity Oracle TMA TCP for Cics Components TMA TCP for Cics Handler TMA TCP for Cics Application HandlerIBM TCP/IP Sockets Interface TMA TCP for Cics Pre-requesterTMA TCP for Cics Requester IBM TCP/IP Sockets for Cics Supplied ListenerProcessing Scenarios Requests from within an Oracle Tuxedo DomainOracle Tuxedo to TMA TCP for Cics Routing TMA TCP for CicsRequests from within Cics Oracle TMA Client Gateway Configuration Getting Started with TMA TCP for Cics Understanding How Oracle TMA TCP for Cics Works Starting the Listener ProgramProcessing Remote Service Requests Running Oracle TMA TCP for CicsInitializing the Handler Shutting Down the Handler Using Bdwn to Shut Down the Handler Listing 2-1 Bdwn Command Line Syntax for HandlersStarting the Requester Program Shutting Down the RequesterUsing Bdwn to Shut Down the Requester Listing 2-2 Bdwn Command Line Syntax for RequestersTranslating Data with TMA TCP gateway Oracle Tuxedo TerminologyTerm Definition Data Translation RulesOracle Tuxedo Terminology Field Type Translation RulesRemote Data Type Description View Field Type/LengthStrings and Numeric Data a Closer Look Including Null Characters in String Length CalculationsConfiguring the TMA TCP Security Service Request Processing with SecuritySecurity Checking from Unix to Mainframe Security Checking for Unix to Mainframe TransactionsSecurity Checking from Mainframe to Unix Security Checking for Mainframe to Unix TransactionsSetting Up Security for TMA TCP for Cics Securing Inbound ServicesSecuring User Connections Securing Outbound Connections from Cics to Unix Securing Outbound Connections from Cics to CicsSecuring Outbound Connections from Cics to IMS Securing Outbound Services Configuring and Administering Oracle TMA TCP for Cics Menu Navigation Main MenuMenu Type Use Usage Main Menu Beam Sub-menu Codes Area of OperationEnter This Code To Access This Screen Main Menu Beam Operation Codes Allowable OperationBrowse Requester PF Keys Update Connection Screen C2Connection Screens Function Keys DefinitionsFields Field Name DescriptionInquire Connection Screen C3 This name is the gateway ID. Specify a unique name up to Browse Connection Screen C5 Requester Screens Insert Requester Screen R1 Function KeyConfiguring the TMA TCP Security section Used on the Oracle Tuxedo-side configuration. Coordinate Update Requester Screen R2 TMA TCP Security Cics Inquire Requester Screen R3 Queue NameIs a unique name up to 16 characters. Example bankmach1 On the Oracle Tuxedo-side configuration. Coordinate with Delete Requester Screen R4 This name is a unique name up to 16 characters. Example An eight-character ID. This name must be the same ID Browse Requester Screen R5 Outbound Service Information Screens Insert Outbound Service Information Screen S1 Function KeysService name as it is known to the Cics programmer Update Outbound Service Information Screen S2 Inquire Outbound Service Information Screen S3 Delete Outbound Service Information Screen S4 This name is a symbolic name as it was defined on the Delete Browse Outbound Service Information Screen S5 User Connection Account ScreensInsert User Connection Account Screen U1 Update User Connection Account Screen U2 Inquire User Connection Account Screen U3 Delete User Connection Account Screen U4 Browse User Connection Account Screen U5 Inbound Service Information Screens Insert Inbound Service Information Screen Service name as it is known in the remote Oracle Tuxedo Update Inbound Service Information Screen Cics sectionFields Inquire Inbound Service Information Screen TCP Cics sectionFields Delete Inbound Service Information Screen Fields Browse Inbound Service Screen Message resultsHandler Configuration Screens Update Handler Configuration Screen H2 Inquire Handler Configuration Screen H3 Fields Dynamically Configuring TMA TCP for Cics Modifying Outbound ServicesModifying User Connection Accounts Administering the Gateways Modifying ConnectionsDeleting Requester LMIDs Oracle Tuxedo Mainframe Adapter for TCP Cics User Guide Buffer Layout Issues Client Application ConsiderationsMaking Calls from a Cics Client Program Listing 5-1 Cobol RecordListing 5-2 C Structures Request Codes Return Codes Value Examples Listing 5-3 Cobol Cics Client Program ExampleListing 5-4 C Cics Client Program Example Error Handling Exec Cics Link ProgramprereqApplication Errors Server Application ConsiderationsProgramming Services with a Response Programming Services without a ResponseModifying the Length of the Return Message Oracle Tuxedo Mainframe Adapter for TCP Cics User Guide Messages Returned to the Remote Gateway Message DescriptionDisconnect process has completed successfully Messages Written to the TMA TCP for Cics Log Password specified in the TMA TCP gateway configuration File control function with the Fgetfl option failed Handler is verifying that the account and password codes Codes Returned to a Cics Client Program Connection already existsValue Lmid Data Field Error Messages Informational Process MessagesMessage Description Action Entered is not valid MAX MSG Size entered is Enter a valid MAX MSG Size i.e System Error Messages Invreq