Planning provider security
When developing a CMPI provider for z/OS, consider
the security context in which the provider runs. Besides the levels
of security provided by the z/OS CIM server for authentication and
authorization, a provider is processed in the context of a user ID:
- Requestor's user ID
- By default, a provider is processed in the context of the requestor's
user ID for all invocations that are caused by an external CIM operation.
This means that the provider runs under the identity of the requestor's
user ID, and resource access authorization occurs against this user
ID. See the usage notes for the pthread_security_np call
in "Callable services descriptions" in z/OS UNIX System Services Programming: Assembler Callable Services Reference for
additional information.
- Designated user ID
- Alternatively, you can provide a designated user ID that runs
the provider.
Specify the designated user ID during provider registration
using the UserContext and DesignatedUserContext properties
of the PG_ProviderModule class.
When a provider is registered with a
designated user ID, the CIM server processes all requests under the
designated user ID, regardless which client user ID has issued the
request.
The user ID of the requestor is still available for
the provider and should be used for further authorization checking
in order to prevent unauthorized access to a resource. You have to
specify similar security definitions for the designated user ID as
for regular client users, as described in Switching identity (surrogate).
|