Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Controlling access to applications z/OS UNIX System Services Planning GA32-0884-00 |
|
If the APPL class for the security product is active, you can use a combination of profiles in the APPL class and the APPL operand on the RACROUTE REQUEST=VERIFY macro to determine which users are allowed to use specified applications as they enter the system. For example, if you do not want all of your users to use certain applications, you can activate the APPL class and create a profile with an access list that contains only those users who are allowed to access these applications. When specifying a profile, you have two choices: use the OMVSAPPL application ID (APPLID) or create a customized APPLID. In some cases, OMVSAPPL is the value that is always used for the APPLID parameter. If no customization is done, the following services specify OMVSAPPL
for the APPLID value. If the APPL class is active, use of these services
can be limited to those users who have access to the OMVSAPPL resource
in the CLASS(APPL).
In certain cases, if you customize the APPLID-related fields in
the BPXYTHLI, you can change the value used for the APPLID parameter
for these services:
The following C functions allow the APPLID to be specified other
than OMVSAPPL when invoking the service:
For more information about protecting applications, see z/OS Security Server RACF Security Administrator's Guide. |
Copyright IBM Corporation 1990, 2014
|