RACF server class profiles

The Resource Access Control Facility (RACF) server class profiles are used to permit the unauthorized WAS servant region access to Control Region services.

The Resource Access Control Facility (RACF) server class profiles are used to:

  1. Permit the unauthorized WebSphere Application Server servant region access to Control Region services
  2. Control dynamic application environments, which are displayed and controlled differently from static application environments

You can choose between two SERVER class profiles. You need one of these profiles, and which profile you need correlates to dynamic application environment (DAE) support.

When Dynamic Application Environments are supported, use: RDEFINE SERVER CB.<.server>.<.cluster>.<.cell> UACC(NONE) PERMIT <.SR_userid> ACC(READ)

When Dynamic application environments are not supported (static application environments), use: RDEFINE SERVER CB.<.server>.<.cluster> UACC(NONE) PERMIT <. SR_userid> ACC(READ)

Note: To use dynamic application environment commands you must be running z/OS Version 1 Release 2 or above with the WLM-DAE support PTF APAR OW54622 enabled.

To set up both the three-part or four-part RACF server class profiles for the application server or cluster for your dynamic application environment, the user ID for the servant region must be given read access to both of the profiles.

Three-part profile

The existing three-part profile has the form:

<subsystem_type>.<subsystem_name>.<application_environment_name>

where:

Four-part profile

The four-part profile adds the cell name to avoid ambiguities with existing profile names. The four-part profile has the form:

<subystem_type>.<subsystem_name>.<application_environment_name>.<cell_name>

where:

Examples of profile names

Three-part profile names:

Four-part profile names:

If you do not want to discriminate between any of the application servers, you can eliminate all the specified profiles and use a generic form to cover the three and four-part names for all the servers in the sysplex:


Related tasks
Configuring server security
Related reference
WLM dynamic application environment operator commands



Searchable topic ID:   rsec_racf_profile
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/rsec_racf_profile.html

Library | Support | Terms of Use | Feedback