Case 3: Using public authority

This case describes the steps of using public authority.

User JONESP wants to access the CREDIT file using the program CPPGM06. CPPGM06 requires *USE authority to the file. JONESP is a member of group profile DPTSM and does not have *ALLOBJ special authority. The system performs these steps in determining whether to allow JONESP access to the CREDIT file:

Flowchart 1, step 1.
  1. Flowchart 2, step 1. The CREDIT file has no private authorities. DPTAR’s authority is primary group authority, not private authority.
  2. Flowchart 2, steps 2 and 3. Owner’s authority (OWNAR) is sufficient.
  3. Flowchart 2, steps 4 and 5. Primary group authority (DPTAR) is sufficient.
  4. Flowchart 2, step 6. Authorized. Public authority is sufficient.

Analysis:

This example shows the performance benefit gained when you avoid defining any private authorities for an object.