With CA-TOP SECRET

Edit online
For all versions of CA-TOP SECRET, member KLSTSNEV in SKLSSAMP provides enhanced messaging. This allows unedited CA-TOP SECRET messages to be displayed to the user.
  1. Copy dialog KLSVSSEC from -THILEV-.SKLSSAMP to -RHILEV-.RLSPNLS.
  2. Use the dialog to display the error messages.

The steps you take to set up a dynamic application list through CA-TOP SECRET will vary depending on the version of CA-TOP SECRET installed. For all versions, the first 2 steps are the same. Thereafter, one procedure is followed to set up dynamic application lists for CA-TOP SECRET Versions 4.1 and earlier. Another procedure is followed to set up dynamic application lists for CA-TOP SECRET Version 4.2 and later.

Version-Independent Configuration

The following two preliminary configuration steps should be taken by anyone setting up dynamic application lists through CA-TOP SECRET.

  1. Add the following entry in -RHILEV-.RLSPARM(KLVINNAM)

    CLASSES=dynaplst

    where dynaplst is a member in -RHILEV-.RLSPARM.

  2. Define dynaplst in -RHILEV-.RLSPARM to contain 
    VGWAPLST  EXTERNAL=external_class

    where external_class is the CA-TOP SECRET FACILITY name.

CA-TOP SECRET Versions 4.1 and Earlier Configuration

The following steps are taken next for CA-TOP SECRET Version 4.1 and earlier:
  1. In each user's CA-TOP SECRET access ID, specify access to the FACILITY named task.
  2. Allow your users access to each session ID through the Limited Command Facility (LCF) under the FACILITY, as in the following example

    TSS ADD(userid) CMD(task,(sessionid, ...))

    where task is the name of the FACILITY. Be sure to set MODE=FAIL.

Note: Previous references to session ID can also include or be replaced by VTAM network name (APPLID). Refer to Using administrator functions.

CA-TOP SECRET Versions 4.2 and Later Configuration

CA-TOP SECRET 4.2 modified the technique that CL/SuperSession uses for the Dynamic APPLIST Facility. A new Resource Definition Table (RDT) was introduced along with stricter checking of the CLASS parameter on FRACHECK macros.

Perform the following steps to use dynamic application lists with CA-TOP SECRET Version 4.2 or later.

  1. Review the discussion of RDT in the CA-TOP SECRET Command Function Guide.
  2. The following CA-TOP SECRET commands can be used to define an RDT class

    TSS ADD(RDT) RESCLASS(external_class) RESCODE(id)

    where external_class is the class you specified in the “EXTERNAL=ext_class” statement that is coded in the DYNAPLST member you created in -RHILEV-.RLSPARM. The RESCODE specification is a site-specific identifier for the RESCLASS defined in the RDT that provides a unique RDT entry identifier within that facility.

  3. Set the violation threshold (VTHRESH) to NOTIFY.
  4. Assuming KLV is specified as the external_class, specify definitions similar to the following example: 
TSS ADD(RDT) RESCLASS(KLV) RESCODE(unique_id)
TSS ADD(dept_acid) KLV(sess_id1,sess_id2,...,sess_idx)
TSS ADD(userid)    KLV(sess_id1,sess_id2,...,sess_idx)
TSS PER(userid)    KLV(sess_id1,sess_id2,...,sess_idx)

Optionally, a DEFPROT command can be issued to add additional security at other appropriate levels such as at the dataset, linklib, and terminal levels.

Note: Previous references to session ID can also include or be replaced by VTAM network name (APPLID). Refer to Using administrator functions.