Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Bypassing PassTicket replay protection z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
You might use the option to bypass PassTicket replay protection
when the threat of PassTicket replay is not a security concern, such
as in the following cases:
The option to bypass PassTicket replay protection allows the plus-or-minus-10-minute PassTicket replay protection to be bypassed for selected applications or combinations of selected applications, users, or groups. You indicate that replay protection is to be bypassed for a particular application by adding the text string NO REPLAY PROTECTION to the APPLDATA field of the PTKTDATA profile for that application. You must separate each word in the string with a single blank space, alphanumeric character, or keyboard symbol. The NO REPLAY PROTECTION text string will always be translated to upper case by the RALTER or RDEFINE commands. The NO REPLAY PROTECTION text string can appear anywhere within the APPLDATA field, allowing for the existence of other information already in the field, or for new information that might be added in the future. The following are examples of commands that will cause PassTicket replay protection to be bypassed. Examples:
Note:
|
Copyright IBM Corporation 1990, 2014
|