Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
PassTicket authentication z/OS Security Server RACF System Programmer's Guide SA23-2287-00 |
|
The RACF® secured signon function provides an alternative to the RACF password called a PassTicket. Instead of having the user's clear text password flow over the network, a RACF PassTicket can be generated by a requesting product or function, and used as the user's authenticator to a RACF secured network application. In addition to the possibility of improved security for passwords within the network, PassTicket technology can be used to effectively move the authentication of a mainframe application user ID from RACF to another authorized function running on the host system, or to the work station local area network (LAN) environment. If RACF authenticates a password field and determines that it is not the RACF password for the user ID, RACF might perform a second authentication step to determine whether the password field is a valid PassTicket. See How RACF processes the password or PassTicket for more information. See z/OS Security Server RACF Macros and Interfaces for information on generating PassTickets. |
Copyright IBM Corporation 1990, 2014
|