This topic applies only on the z/OS operating system.

Specifics about identification and authentication

For identification, each controller and servant start procedure must have its own user ID and you must define it in the STARTED class. Because you should give differing resource authorizations to each, you should give differing user IDs to controllers and servants.

Best practice: For identification, each controller and servant start procedure must have its own user ID and you must define it in the STARTED class. Because you should give differing resource authorizations to each, you should give differing user IDs to controllers and servants.bprac
Additional user IDs are required for installation. We provide the definitions for these user IDs in our RACF sample. See the customized instructions produced when you run the customization dialog.

Regarding authentication, an operator starts a cluster by using the START command and the controller start procedure. Authentication of the start procedure's user ID is made by virtue of the fact that an operator started the start procedure-that is, no password is required. If you want to restrict an operator's ability to start clusters, do so through the OPERCMDS class in RACF.

The WAS installer automatically generates the STARTED class profile to assign the User ID to WebSphere Application Server. If you are not using AUTO UID and AUTO GID in the OMVS segment for the WebSphere Application Server STC User ID, make sure that you have UNIQUE UID and GID assigned to the WebSphere Application Server STC. If they are not unique, you might either have problems starting WebSphere Application Server or in logging in to the administrative console if admin security is enabled.

All WebSphere user ids and groups must have an OMVS segment with a valid and unique UID or GID.




Related concepts
WebSphere Application Server security for z/OS
Concept topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 10:43:27 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v602web&product=was-nd-mp&topic=csecidauthspecific
File name: csec_idauthspecific.html