Transaction routing security with LU6.2
In transaction routing, the authority of a user to access a transaction can be tested in both the TOR and the AOR.
In the TOR, a test is made to ensure that the user has authority to access the transaction defined as remote, just as if it were a local transaction. This test determines whether the user is allowed to run the relay program.
The terminal through which the transaction is invoked must be defined on
the remote system (or defined as
shippablein the local system), and the terminal operator needs RACF® authority if the remote system is protected. The way in which the terminal on the remote system is defined affects the way in which user security is applied:
- If the definition of the remote terminal does not specify the USERID parameter:
- For links defined with ATTACHSEC(IDENTIFY), the transaction security and resource security of the user are established when the remote user is signed on. The userid under which the user is signed on, whether explicitly or implicitly (in the DFLTUSER system initialization parameter), has this security capability assigned in the remote system.
- For links defined with ATTACHSEC(LOCAL), transaction security, command security, and resource security are limited by the authority of the link.
In both cases, tests against the link security are made as described in Link security with LU6.2.
Note: During transaction routing, the 3-character operator identifier
from the TOR is transferred to the surrogate terminal entry in the AOR. If
the surrogate terminal was shipped in, this identifier is not used for security
purposes, but it may be referred to in messages.
When transaction routing PSB requests, the following conditions must both
be satisfied:
- ATTACHSEC on the connection definition must not be LOCAL (that is, it can be IDENTIFY, PERSISTENT, MIXIDPE, or VERIFY).
- PSBCHK=YES must be specified as a system initialization parameter in the remote system.