This section summarizes how security checking is done in the AOR depending on how SECURITYNAME is specified in the AOR and TOR.
The link userid referred to in Table 1 and Table 2 is the one specified in the SECURITYNAME on the CONNECTION definition, or the USERID on the SESSIONS definition.
If a USERID is specified on the SESSIONS definition, and a link check is done, the userid used is the one on the SESSIONS definition.
Table 1 shows how checking is done when ATTACHSEC(LOCAL) is specified.
Region userid for AOR | SECURITYNAME in connection definition | USERID in SESSION definition | Checking in AOR |
---|---|---|---|
USERIDA | Not specified | Not specified | Check against AOR DFLTUSER |
USERIDA | Not specified | USERIDA | Check against AOR DFLUTSER |
USERIDA | Not specified | USERIDB | Check against USERIDB |
USERIDA | USERIDA | Not specified | Check against AOR DFLTUSER |
USERIDA | USERIDB | Not specified | Check against USERIDB |
USERIDA | USERIDA | USERIDA | Check against AOR DFLTUSER |
USERIDA | USERIDA | USERIDB | Check against USERIDB |
USERIDA | USERIDB | USERIDA | Check against DFLTUSER |
USERIDA | USERIDB | USERIDB | Check against USERIDB |
USERIDA | USERIDB | USERIDC | Check against USERIDC |
Table 2 shows how checking is done when the ATTACHSEC parameter IDENTIFY (or PERSISTENT, or MIXIDPE) has been specified.
Region userid for AOR | SECURITYNAME in connection definition | USERID in SESSION definition | Checking in AOR |
---|---|---|---|
USERIDA | Not specified | Not specified | Transmitted userid and AOR DFLTUSER |
USERIDA | Not specified | USERIDA | Transmitted userid only |
USERIDA | Not specified | USERIDB | Transmitted userid and USERIDB |
USERIDA | USERIDA | Not specified | Transmitted userid only |
USERIDA | USERIDA | USERIDA | Transmitted userid only |
USERIDA | USERIDA | USERIDB | Transmitted userid and USERIDB |
USERIDA | USERIDB | Not specified | Transmitted userid and USERIDB |
USERIDA | USERIDB | USERIDC | Transmitted userid and USERIDC |