The following table shows the Version 4.0.1 administration application
settings as they compare to the Version 5 administrative console settings
with associated notes.
Version 4.0.1 Administration application
settings |
Version 5 Administrative console settings |
Notes |
Local Identity |
Click Security
> zSAS Authentication > Local Identity.
Click Security
> Global Security. Under Additional Properties, click z/OS Security
Options. Type the information in the Local Identity field.
|
* Required always |
Remote Identity |
Click Security
> zSAS Authentication > Remote Identity.
Click Security
> Global Security. Under Additional Properties, click z/OS Security
Options. Type the information in the Remote Identity field.
|
*Required always |
Allow Unauthenticated Clients |
Click Security
> zSAS Authentication > Allow Unauthenticated Clients.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to AllowUnauthenticated Clients.
|
|
Userid Password Allowed |
Click Security
> zSAS Authentication > Userid Password.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to Userid Password.
|
** Ignored unless SAS |
Userid Passticket Allowed |
Click Security
> zSAS Authentication > Userid Passticket.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to Userid Passticket.
|
** Ignored unless SAS Note: A restriction
for this setting requires any application client wishing to communicate with
a server configured to use passticket to set the daemon_group_name variable.
You can set this variable by adding the following statement to the client
shell script or setupCmdLine.sh file in the $WAS_HOME\bin directory
: export daemon_group_name=<GROUP NAME> |
SSL Type 1 Allowed |
Click Security
> zSAS Authentication > Basic Authentication.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to Basic Authentication.
|
** Ignored unless SAS |
SSL Client Certificates Allowed |
Click Security
> zSAS Authentication > Client Certificate.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to Client Certificate.
|
** Ignored unless SAS |
Accept Asserted Identities Allowed |
Click Security
> zSAS Authentication > Identity Assertion Inbound.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to Identity Assertion Inbound .
|
** Ignored unless SAS |
Send Asserted Identities Allowed |
Click Security
> zSAS Authentication > Identity Assertion Outbound.
Click Security
> Authentication Protocol > zSAS Transport. Select the check box next
to Identity Assertion Outbound.
|
** Ignored unless SAS |
SSL RACF Keyring |
Click Defined in System SSL Repertoire
> SSL Setting. |
|
SSL V3 Timeout |
Click Defined in System SSL Repertoire
> SSL Setting. |
|
Enable Setting OS Thread Identity to RunAs |
Click Security
> zSAS Authentication > Sync to OS Thread Allowed.
Click Security
> Global Security. Under Additional Properties, click zOS Security
Options. Select the check box next to Sync to OS Thread Allowed.
|
|
IIOP Firewall Port |
Click Server
> server_name > End Points > ORB Listener Address > Port.
Click Servers > Application Servers > server_name.
Under Additional Properties, click End Points > ORB_LISTENER_ADDRESS.
On z/OS, the host field for ORB_LISTENER_ADDRESS can be set only to a wild
card (*) value, or a dotted decimal IP address in the form www.xxx.yyy.zzz where www, xxx,
yyy and zzz are the decimal values 0-255. Do not set the
host field to a fully qualified DNS name such as myhost.myco.com.
Type the port number into the Port field.
|
|
SSL Firewall Port |
Click Servers
> server_name > End Points > ORB SSL Listener Address > Port.
Click Servers > Application Servers > server_name.
Under Additional Properties, click End Points > ORB_SSL_LISTENER_ADDRESS.
Type the port number into the Port field. You can use any port number
in the range 0-65535.
|
|
HTTPS No Default (8080 in examples) |
Click Servers
> server_name.
Click Servers >
Application Servers > server_name. Under Additional Properties,
click Web Container > HTTP Transports > host_name.
|
|
LDAP Not Applicable |
LDAP 1439 |
|
Naming/IR Not Applicable |
Naming/IR Dynamically chosen |
|
ENABLE_TRUSTED_APPLICATIONS environment
variable |
Click Security
> Custom Properties > ENABLE_TRUSTED_APPLICATIONS control_region_security_enable_trusted_applications
environment variable.
Click Security >
Global Security. Under Additional Properties, click Custom Properties
> EnableTrustedApplications.
|
|