Service, Changes to the Class Descriptor Table | IBM GC28-1920-01

New Application Authorization

For more information on the convert_id_np (BPX1CID) callableOS/390service, s OpenEdition Programming: Assembler Callable Services Reference. The C

language support for the __convert_id_np() OS/390is discussedR2 C/C++ in Run-Time Library Reference

New Application Authorization

Service

A DCE application server on OS/390 can

use

DCE

security

services

for

a

control to resources that

are owned

by

the

application

server. As

a

the application developer can use

RACF

for

access

control

for

the

se

that are managed by the application server.

Consider

that application

servers

that

use

DCE

services

exclusively

on

the most portable to platforms that support

DCE. If

portability

is

no

concern and the application developer wishes to centralize access co

information in RACF, the application

developer

can consider

using

the

auth_check_resource_np service.

Through OS/390 OpenEdition MVS, a new a callable service

auth_check_resource_np (BPX1ACK) enables application servers to invoke R authorization services. This callable service is also supported by th library through the __check_resource_auth_np() function call. This ser application servers to perform authorization requests for resources t to RACF general resource classes.

For more information on the auth_check_resource_np callableOS/390service, s OpenEdition Programming: Assembler Callable Services Reference.

Changes to the Class Descriptor Table

The maximum length of profile names has changed for the following clas

ŸINFOMAN

ŸGINFOMAN

ŸJCICSJCT

ŸKCICSJCT

This change might require changes to customer code which uses these

ŸRACROUTE REQUEST=FASTAUTH

Ÿ RACROUTE	REQUEST=AUTH,	DEFINE, or EXTRACT, if the ENTITY keyword
is used	instead of	ENTITYX

IBM products should not need changes, because their usage of these compatible with this change.

Programming Interfaces

For a summary of changes to the programming interfaces for RACF for Release 2, see:

Ÿ “Class Descriptor Table (CDT)” on page 13

Ÿ “Data Areas” on page 16

Ÿ “Exits” on page 16

Chapter 10. Application Development Considerations53

Image 77

IBM GC28-1920-01 Service, Changes to the Class Descriptor Table, Programming Interfaces, New Application Authorization

Contents

Place graphic in this area. Outline is keyline only. DO NOT PRINT Security Server RACF Planning Installation and MigrationOS/390 Page OS/390 1996. All Second Edition, SeptemberPage Page Migration Contents Auditing Considerations Administration ConsiderationsCustomization Considerations Index Operational ConsiderationsChapter 10. ApplicationPage Figures Page Notices Trademarks About This Book How to Use ThisWho Should Use This Book xiii Softcopy Publications Where to Find More InformationŸ The OS/390 Security Server RACF Information , PackageSK2T-2180 Server Elements of Security RACF Installation - Student GG24-3971Notes Administration, H3927Using the Ÿ Tutorial Options for Tuning GG22RACF IBM Discussion Areas Other Sources of InformationInternet Sources listserv@uga.cc.uga.edu To Request Copies of Publications Features OS/390xviii Product ServiceŸ OpenEditionOSA/SF V2R5TSO/EPage Summary of Changes Page Migration Migration Planning ConsiderationsChapter 1. Planning Customization Considerations Installation ConsiderationsAdministration Considerations Operational Considerations Auditing ConsiderationsApplication Development Considerations General User ConsiderationsPage New and Enhanced Support Chapter 2. Release Overview identifies OS/390 OpenEdition DCEfunction introduced in OS/390 Release Check Concepts Auditing the Passing of Access Rights Authorizing and Auditing Server Access to the CCS and WLM ServicesOS/390 OpenEdition SOMobjects for MVS RRSF Network Multisystem Nodesnon-main systems TARGET OS/390 Enable and Disable FunctionsYear 1.10 NetViewclasses Facility updated for Function Not Upgradedidentifies function that Release Components for3. Summary of Class Descriptor Table CDT lists classes Commandswhich there Chapter 3. Summary of Changes to RACF Components for OS/390 15Release Command Exits Data Areaslists changed general-use programming interface GUPI data are Messages MacrosFigure 12 lists changes RACF macros Changed Messages New MessagesMessages RACF Database Split/Merge Utility IRRUT400 Publications Library PanelsRoutines Figure 13 lists RACF panels that are Templates SYS1.SAMPLIBFigure 16 identifies changes to RACF members of SYS1.SAMPLIB RACROUTE REQUEST=EXTRACT Template UtilitiesFigure 18 lists changes to RACF utilities for OS/390 Release 0280 Utility RACF Planning Installation and Migrationfor RACF OS/390 Security Server RACF Planning Installation and forMigrationChapter 4. Planning Considerations Migration Strategy Hardware Requirements RACF Planning Installation and Migrationfor RACF 2.1, andSoftware Requirements RACF Migration and Planning for RACF Requirements CompatibilityCompatibility Considerations for Remote Sharing Page Enabling RACF Chapter 5. Installation ConsiderationsConsiderations Networks configured installationare in your existing workspace data sets when you install multisystem R must Chapter 5. Installation Considerations29 nodename prefixsysname local-lu prefix.local-node.local-node .INMSG Virtual Storage RACF Storage ConsiderationsThis section discusses storage considerations for RACF Figure 21 estimates RACF virtual storage usage, for planning purposes Subpool Customer Additions to the CDT OS/390 Release Templates for RACF oninformation, OS/390see Security Server System Exit Processing Chapter 6. Customization Considerationsand IRRSXT00 Effects of OS/390 OpenEdition DCE RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01 IRRSXT00 Installation Exit Server RACF Security Administrators. Guide Chapter 7. Administration ConsiderationsCross-Linking Between RACF Users signon Activating DCEUUIDS ClassSignon to the DCE Encryption Key single signon restrictionsOpenEditionsee DCE Administration .GuideOS/390 OpenEdition DCE Application Considerations Threads and OpenEdition Planning, and inOS/390 OpenEdition Programming AssemblerLibrary Reference callable servicepthread orsecuritynp Changes to RACF Authorization ProcessingRestrictions Enhancements to the Rdceruid Callable ServiceUtility SYSMVIEW Chapter 7. Administration Considerations43Page SMF Records Chapter 8. Auditing ConsiderationsAuditors Guide and OS/390 Server RACF Macros Interfaces ServicesAuditing New OS/390 Auditing SystemView for MVS Support Auditing OS/390 OpenEdition DCE SupportReport Writer SMF Data Unload UtilityPage OS/390 Security Server RACF Command Language Referencefor more CommandChapter 9. Operational Considerations Enabling and DisablingPage 2000 Support Chapter 10. Application Development ConsiderationsServers 01yydddF pthread the securitynp New Application Services and Security New Application Authorization ServiceChanges to the Class Descriptor Table Programming Interfaces Ÿ “Routines” on page Ÿ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on page Considerations Chapter 11. General UserOpenEdition Reference forPage APAR OW14451 Chapter 12. NJE ConsiderationsOW08457 After Applying the PTF OW08457 Actions RequiredUACC NODES FAILSAFE APAR OW15408GROUP Page Migrating an Existing Chapter 13. ScenariosNodes RRSF On MIAMI2 prefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVEprefixTARGET NODEORLANDO DELETE prefixTARGET NODEMIAMI2 DELETE DELETE RACF DiagnosisOn ORLANDO Note The prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACE direction Glossaryaccess Page programming Seegeneral-use programmingSeeinventory Seemultisystem Seelogical logical supervisory other.single-system task segment andDFP classes continued Index A continued Page KEYSMSTR SERVERSFSCMD utilitiescontinued Page Edition OS/390 Security Server RACF Information IBM Now you can! TheIBM Online Library Productivity Page Page comments Communicating Your Comments to IBM OS/390 Security Server RACF Planning Installation and Migration Readers Comments - Wed Like to Hear from YouPublication No. GC28-1920-01 Note Copies REPLY MAILBUSINESS IBMPage GC28-192ð-ð1 IBMDrop in Back Cover Image Here