Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 12. Securing WebSphere using eTr... > Classes and special records

12.2. Classes and special records

Table 12-1 briefly describes the resource classes and special records which eTrust CA-Top Secret employs to control Websphere.

Table 12-1. Resource classes and special records
ControlAuthorization
Access control lists in LDAPControls access to WebSphere for z/OS naming and interface repository data
CBIND classAccess to a server
DATASET classAccess to data sets
DCEUUIDS and IBMFAC classesMapping DCE credentials to eTrust CA-Top Secret user Ids
DSNR classAccess to DB2
EJBROLE classAccess to methods in enterprise beans
IBMFAC (IRR.DIGTCERT.LIST) & (IRR.DIGICERT.LISTING)SSL key rings, certificates and mappings
IBMFAC (IMSXCF.OTMACI)Access to OTMA for IMS access
IBMFAC (IRR.RUSERMAP)Kerberos credentials
File permissionsAccess to HFS files
GRANTs (DB2)DB2 access to plans and database
GEJBROLE classGrouping class for Enterprise Java Beans authorization roles
KERBLINKSpecifies a label-name to identify the foreign principal mapping record. Up to 8 alphanumeric characters and must be a unique name within the KERBLINK SDT record type.
LOGSTRM classAccess to log streams
OPERCMDS classStart and Stop servers by Daemon
PTKTDATA classPassTicket enabling in the sysplex (this relates to the session keys in the NDT in eTrust CA-Top Secret).
REALMUsed to define the local and foreign realms. Required for Kerberos setup, as you have to define the local realm to this class. This class is also used to define foreign realms.
SERVER classAccess to control region by server region.
SERVAUTH classTCP/IP in OS/390 2.10 and above uses the SERVAUTH resource class to protect TCP/IP resources from unauthorized access. There are four functions protected by the SERVAUTH class: Stack Access, Net Access, Port, and TN3270 Access.
SOMDOBJS classAccess to methods in CORBA objects
STCAssociate procname and userid in the STC table
SURROGAT class (*.DFHEXCI)Access to EXCI for CICS access



  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint