Verifying access control
You can use the sample application to check that FTM SWIFT access control works properly:
- On the runtime system, log on to z/OS® UNIX as the first FTM SWIFT security administrator (UA1). The access rights of this user are described in Table 1.
- Run the profile by entering the following command:
. /var/ftmswift_v324/run/dniprofile - To add the role DniSample to the user ID UA1 (this is the user who is to start the sample
application), issue the following commands:
dnicli -i DNIvINST -ou SYSOU -s DNI_SECADM add -user UA1 -ro DniSample -ou SYSOU com -user UA1 .quit - On the runtime system, log on to z/OS UNIX as the second FTM SWIFT security administrator (UA2).
- Run the profile by entering the following command:
. /var/ftmswift_v324/run/dniprofile - Issue the following commands:
UA1 now has the right to let the sample application run with access control.dnicli -i DNIvINST -ou SYSOU -s DNI_SECADM app -user UA1 .quit - Switch back to UA1 and
issue the following command on a single line:
Your message processing nodes are properly configured if the sample application issues the following message:inst_dir/run/samples/dniccsam -i DNIvINST -ou SYSOU -qm DNIvMQMN -in inst_dir/run/samples/dniccda2.xml -out dniccsam.outDNIC1107I Message processing performed by FTM SWIFT sample service was successful.