Dear list,
We are planning to enable Security in Connect Direct for
external partners and we can see, as far as I understood, three options:
1. Enable Security exit and define all the external userids to
authenticate using this exit with interface to RACF;
2. Create an internal userid which will be translated using the proxy
(AUTH file) and allowing some functions within the Connect Direct
(Authorization File).
For example, external userid JOHN, when starting a transmission to node
CD.NODE.L1 will be "INTUSER" which will have authority in RACF to create a
dataset with HLQ=TST.FILE.CPY1
3. Authentication with Certificate and Node. Using this option will
allow the user JOHN from node CD.NODE.L1 to be authenticated using the node
and the Common Name (CN) defined in the certificate without using userid and
password.
For all the options described above, we have some questions:
* Do we need to enable the security exits (Stage 1 and Stage 2) for
option 2?
* In option 3, do we need to enable anything else than the
configuration in Secure+ to enable Cliente Auth ?
* For option 3, where the authentication is made using node and
certificate, does the user can transfer files or only submit process ??
* For option 3, do we need to define an internal userid through the
proxy and allow this userid to create datasets when transmitting data to our
internal node ??
If someone have any experience with it and could help, I really appreciate
that.
Thanks in advance,
Gilson
--
O software antivírus AVG realizou uma checagem de vírus neste e-mail.
www.avg.com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
