System Authorization Facility profile names
The WebSphere® Application
Server for z/OS® Customization
Dialog generates jobs that help you create the necessary System Authorization
Facility (SAF) profiles—such as STARTED, CBIND, or SERVER—that enable your
server to run. This article helps you understand how to work with these profiles
and determine if you need to also create your own.
At runtime, normal SAF specific and generic profile matching uses a combination
of the cell short name, cluster short name (or cluster transition name for
a non-clustered server), and server short name to select the appropriate matching
profile.
WebSphere Application
Server for z/OS customization
uses two schemes, specific and generic, in the creation of SAF profiles:
- With the specific profile scheme, a set of fully-qualified specific profiles
is created to exactly match the short names that apply to the server you customize.
This is either an application server or deployment manager.
- With the generic profile scheme, a set of generic profiles is also created
(the STARTED class BBO*.* profiles for example) The purpose of these generic
profiles is to provide a default profile for any server that is created administratively
and that has a default name so that the servers can operate successfully by
default.
Examples:
- An application server created through the administrative console has a
default server short name of BBOSnnn and a cluster short
name (or cluster transition name for a non-clustered server) of BBOCnnn,
where nnn is a unique number. By default, this server can
start using the BBO* generic profiles.
- Node federation creates a node agent server. If the base application server
that you federate is configured with a Java Message Service (JMS) integral provider,
then a standalone JMS server is also created. The node agent has a default
name of BBONnnn and the JMS server is BBOJnnn,
where nnn is a unique number. By default, these servers
can start using the BBO* generic profiles.
The generic profiles that customization creates are not required and exist
only for your convenience in case you use the default server short names and
cluster short names (or cluster transition names for non-clustered servers)
generated by WebSphere Application
Server for z/OS.
You can choose to delete the generic profiles if, for example, your organization
has particular naming conventions and you will not use the default names generated
by WebSphere Application
Server for z/OS.
In that case, ensure that you have your own strategy for creating the required
SAF profiles, either generic or specific, with your own naming convention—WebSphere
Application Server for z/OS does not create them for you.