Setting up security for tma tcp for cics, Securing user connections, Securing inbound services – Oracle Audio Technologies Oracle Tuxedo User Manual
Page 32
3-4
Oracle Tuxedo Mainframe Adapter for TCP CICS User Guide
4. The TMA TCP gateway maps the mainframe user ID to a Tuxedo user ID and issues the
service request on behalf of that user.
5. The Tuxedo server performs access checks (based on the
tpacl
file) to verify that the user
has access to the requested service.
Setting Up Security for TMA TCP for CICS
The TMA TCP for CICS product supports enhanced security. This interface allows a requester
from Oracle Tuxedo services to pass a User ID through the CICS server interface for
authorization through your security package. For field definitions, refer to the
“Configuring and
Administering Oracle TMA TCP for CICS”
section.
Securing User Connections
Complete the following tasks to enable the security feature for each connection.
1. Specify
SECURITY=Y
in the Handler Configuration screen.
2. Enter values for the
ACCOUNT
and
PASSWORD
fields in the User Connection Account screen.
When
SECURITY=Y
, TMA TCP for CICS verifies the
ACCOUNT
and
PASSWORD
values from
the User Connection Account match the
RMTACCT
and
PASSWORD
values in the TMA TCP
gateway
GWICONFIG
file
*FOREIGN
section. If these values do not match and
SECURITY=Y
,
a security error occurs.
If
SECURITY=N
, the gateway allows a connection without any verification.
Securing Inbound Services
Complete the following tasks to enable the security feature for each inbound service.
1. Set up transaction security through the mainframe with the security administrator.
2. Specify
SECURITY=Y
in the Inbound Services screen for each service you want to secure.
When
SECURITY=Y
, the gateway attempts to start user programs with the username that
initiated the request as reported by the remote system.
If
SECURITY=N
, the gateway starts user programs using the gateway’s user ID (as
controlled by the socket listener).