Tracing security problems, Using external security – Landmark Lighting D20R2-06/99 User Manual
Page 20
Access level:
READ
Primary resource:
DEV* and TEST*
Secondary resource:
None
Tracing Security Problems
Regardless of which type of security you choose to implement
(External, Internal, or User Exit), you may need to trace security
processing and resolve a security problem. Landmark provides a
trace facility for Landmark security processing. To start the
security trace during product initialization, add the
TRACE=SECURITY parameter to the appropriate data set specified
in your startup JCL, which is identified by the following ddnames:
•
TMONPRMS (for TMON for CICS/ESA and TMON for
CICS/MVS)
•
TMDBPRMS (for TMON for DB2)
•
TDBCPRMS (for TMON for DBCTL)
•
TMQSPRMS (for TMON for MQSeries)
•
TMVSPRMS (for TMON for MVS)
Adding this parameter activates a security trace for Internal
Security for the product. Each time a security check is made, the
check is traced. Read about the data set in your product
installation completion instructions in PerformanceWorks for MVS
and OS/390 Installation Guide.
To activate the trace facility when the product is already executing,
enter $TRACEON on the command line. To deactivate the trace
facility once you have started it, enter $TRACEOFF on the
command line.
Using External Security
External Security links to and uses security definitions specified by
external security products that use IBM’s system authorization
facility (SAF), such as RACF, CA-ACF2, and CA-TOP SECRET.
This discussion of External Security provides general instructions
for defining RACF security for your Landmark PerformanceWorks
MVS product. CA-ACF2 instructions are given in member
ACF2DOC in the Strategic Services sample library. CA-TOP
SECRET instructions are given in member TSDOC in the Strategic
Services sample library. If you do not have RACF, CA-ACF2, or
CA-TOP SECRET installed, you must set up corresponding
definitions using the security product you do have installed.
If you use External Security to control user logon access, you can
use any of the security types (internal, external, user exit, or none)
to control access to product functions. If, however, you choose to
Tracing Security Problems
Chapter 2: Security Definitions
2-4