Hello,
We have an issue in one our project. The project is deveopled to see who are
using the system using the shared mainframe id.
scenario.
1. There are some users who logon to the mainframe using the sharedid and
common password and do some inquiry going to the cics region. To see who are
using the sysytem in this way ,we have developed a new screen and where the
shared users will be entering their individual id & individual password , then
only the system will allow to enter to the application in the cics region.
Problem:
The problem here is that say suppose the user 1 using the shared id and
common passord login from terminal 1 and after some time while this user is
logged in , say a user 2 is logging in teminal 2 using the shared id and common
password , the other user will be automatically kicked out, but still the
online cics region will be active & for the 2'nd user the cics region will not
ask their individual password and the new screen will not be thrown.
Here there is a security issue/flaw involved. we need to control this and
this loophole in the design has to be tackled. could some one give us
suggestion how to take this?
Thanks,
Raj
---------------------------------
You snooze, you lose. Get messages ASAP with AutoCheck
in the all-new Yahoo! Mail Beta.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
