Security keys for resource definitions

Here is the format of the security keys that the CICS® Configuration Manager server creates to check a user's authority to manipulate resource definitions:

Table 1. Security keys that CICS Configuration Manager creates to check whether a user is authorized to manipulate resource definitions
Might create ResGroup? API command Security key format  2  Access authority
Yes  1  Copy For the source resource definition:  3 
Read syntax diagramSkip visual syntax diagram
>>-prefix.source_CICS_config.source_group.type.name------------><

READ
For the target resource definition:
Read syntax diagramSkip visual syntax diagram
>>-prefix.target_CICS_config.target_group.type.target_name-----><

ALTER
Rename  4  For the source resource definition:
Read syntax diagramSkip visual syntax diagram
>>-prefix.target_CICS_config.source_group.type.source_name-----><

For the target resource definition:
Read syntax diagramSkip visual syntax diagram
>>-prefix.target_CICS_config.target_group.type.target_name-----><

Create
Read syntax diagramSkip visual syntax diagram
>>-prefix.target_CICS_config.group.type.name-------------------><

Start of change 6 End of change
Import  5 
 

Add
Delete
Recover
Remove

Inquire READ

Alter
Update

UPDATE
 1 
If the target resource definition key specifies a ResGroup that does not exist, then the API command the attempts to create the ResGroup. This involves an additional security key, as if a Create API command had been requested for the ResGroup. Note that this additional security checking does not involve API command security checking for a Create API command; just resource definition security checking for the ResGroup that needs to be created (as per the entry for Create in this table).
 2 
If the resource type is a group/ResGroup, then specify a "-" (hyphen) character as the group parameter.
 3 
If the source CICS configuration refers to an export file, then no security check is performed for the source resource definition.
 4 
You can think of a Rename API command as consisting of two operations: delete the source resource definition, and then create the target resource definition. Both operations require ALTER access authority.
A Rename API command for a group/ResGroup involves resource definition security checks (requiring ALTER access authority) for all of the following:
  • Each source resource definition (in the original group/ResGroup)
  • Each target resource definition (in the renamed group/ResGroup)
  • When renaming a ResGroup (not a group): the target ResGroup
 5 
The CICS configuration parameter for Import refers to the target CICS configuration where the resource definition is to be imported (copied) to, not the source CICS configuration (that refers to the export file) where the resource definition is to be imported from.
Start of change 6 End of change
Start of changeIf the resource type is not associated with a group/ResGroup, then specify a "-" (hyphen) character as the group parameter.

If the resource type does not have a unique name, then specify a "-" (hyphen) character as the name parameter.

For example, specify group as a hyphen and name as a hyphen for the CICSPlex® SM full-function BAS APPLDEF, RASINDSC, and SYSLINK resource types.

End of change

For each resource definition, the Copy and Rename API commands create two security keys, and make two calls to the external security manager: one for the source resource definition, and another for the target resource definition.

For the Rename API command, the parameter for the CICS configuration is labelled "target" in both security keys because you can only rename a resource definition within the same CICS configuration.

The resource definition name is the last qualifier in the security key to simplify group resource profile definitions: some resource types may contain a period (.) as part of the resource name.

For descriptions of the fields in these keys, see API parameters.


Information Information

Feedback


Timestamp icon Last updated: Friday, 8 February 2013


http://pic.dhe.ibm.com/infocenter/cicsts/v5r1/topic//ccv-security-key-definitions.htm