Use this article to familiarize yourself with the z/OS® facilities used by the WebSphere® Application Server for z/OS application serving environment.
Digital certificates and key rings or key stores are required for Secure Socket Layer communication. These certificates may be stored in the System Authorization Facility (SAF) security database, or in files in the configuration file system.
System Authorization Facility profiles are created during customization to grant necessary authorities to WebSphere Application Server for z/OS address spaces.
Component Trace (CTRACE) facilities in WebSphere Application Server for z/OS are used to manage the collection and storage of trace data. CTRACE data is written to address space buffers in private (pageable) storage, which can be formatted using IPCS if a dump of the address space is taken. CTRACE data can also be written to trace datasets on disk or tape using an external writer. Although CTRACE data is primarily output for use by IBM® service personnel, using CTRACE capabilities at your installation allows you to have additional trace data available when a problem first occurs. Because CTRACE efficiently uses system resources, you can collect valuable trace data with minimal impact on performance.
System Logger is used by WebSphere Application Server for z/OS. This is an MVS™ component that allows applications to log data in a sysplex, to log error and trace information and provide XA transaction logging. The System logger creates and manages log streams, which are written first to a coupling facility or local in-memory buffer, then transferred to log datasets on DASD for longer term access. Log streams that are written to local buffers rather than to a coupling facility are called DASD-only log streams.
System Authorization Facility groups are used by WebSphere Application Server for z/OS to associate user IDs with common sets of permissions.
A common set of SAF groups is used across a WebSphere Application Server for z/OS cell.
A System Authorization Facility user ID is associated with each WebSphere Application Server for z/OS address space. (A SAF-compliant security package, such as RACF®, is required by the WebSphere Application Server runtime.)