This topic applies only on the z/OS operating system.

Planning for security

About this task

A security domain definition in z/OS provides WebSphere Application Server for z/OS with a set of cell-wide z/OS Security Server (RACF) security definitions.
Note: The cells involved might be stand-alone application server cells, Network Deployment cells, or both.
A security domain definition includes the following:
  • Common definitions for administrative users and groups
  • X509 Digital Certificate Authorities, to ensure SSL communication
  • SAF groups to which servers belong
  • Authorization profiles
You can use multiple security domains to isolate WebSphere Application Server for z/OS cells from one another within a sysplex. For example, you should create separate security domains for cells that require different groups of users to have administrative authority.

If you plan to use SAF to control access to J2EE roles by way of the EJBROLE class, you might want to define a security domain identifier as part of the security domain definition. This causes role names to be prefixed with the security domain identifier.

Procedure

  1. Print a copy of Customization tool worksheet: Security Domain.
  2. Fill out the worksheet as described in Customization Dialog variables: Security domain.
  3. Save the worksheet for use during the security customization.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Sep 20, 2010 10:03:57 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-zos&topic=tins_planningsecdomain
File name: tins_planningsecdomain.html