z/OS Security Server RACF Macros and Interfaces
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Generating and evaluating a PassTicket

z/OS Security Server RACF Macros and Interfaces
SA23-2288-00

A product or function that generates a PassTicket must use the RACF® PassTicket generator algorithm. This algorithm requires specific information as input data and produces a PassTicket that substitutes for a specific end-user RACF password. RACF uses the PassTicket to authenticate the end-user for a specific application running on a specific system that uses RACF for identification and authentication.

There are four ways to generate and evaluate a PassTicket using the algorithm:
  • If the function using the secured signon capabilities is running on a z/OS® system, you can use the RACF secured signon service to generate the PassTicket. The algorithm is already incorporated into the service and allows RACF to generate a PassTicket on the host. An authorized program, such as one authorized by the authorized program facility (APF), can use the service to generate PassTickets. See Using the service to generate a PassTicket for more information.
  • For any function that generates a PassTicket, you can create a program that incorporates the algorithm. See Incorporating the PassTicket generator algorithm into your program for more information.
  • You can use the r_ticketserv and r_gensec callable services. This interface supports problem state callers, and both 31-bit and 64-bit callers. For more information about these callable services, see z/OS Security Server RACF Callable Services.
  • Java™ code can use a Java interface that uses a Java Native Interface (JNI) and calls the r_ticketserv and r_gensec callable services. For information about this interface, see the JavaDoc shipped in the IRRRacfDoc.jar file, which is installed into the directory /usr/include/java_classes. Download the jar file to a workstation, un-jar it, and read it with a Web browser.

Go to the previous page Go to the next page




Copyright IBM Corporation 1990, 2014