Before you begin
To set up both
the three-part or four-part RACF server
class profiles for the application server or cluster for your dynamic
application environment, the user ID for the servant must be given
read access to both of the profiles.
About this task
The Resource
Access Control Facility (RACF)
server class profiles are used to:
- Permit the unauthorized WebSphere® Application Server
servant access to controller services
- Control dynamic application
environments, which are displayed
and controlled differently from static application environments
Choose between two SERVER class profiles. You need one
of these profiles, and which profile you need correlates to dynamic
application environment (DAE) support.
Example
The existing three-part
profile has the form:
<subsystem_type>.<subsystem_name>.<application_environment_name>
where:
- <subsystem_type> is CB
- <subsystem_name> is
the application server
short name.
- <application_environment_name> is
the application
server generic short name, as specified in the WebSphere Application
Server variables. If the server resides in a cluster, the name specified
here must match the cluster short name. If the server does not reside
in a cluster, the name must match the name specified on the ClusterTransitionName
custom property for the server .
The
four-part profile
adds the cell name to avoid ambiguities with existing profile names.
The four-part profile has the form:
<subystem_type>.<subsystem_name>.<application_environment_name>.<cell_name>
where:
- <cell_name> is the short name of the cell
containing this application server.
Three-part
profile names:
- CB.T5SRV1.T5CL1 (the application server
with the short name T5SRV1
and generic short name T5CL1)
- CB.*.T5CL1 (all application
servers in the generic short name
of T5CL1)
- CB.*.* (any application server in the sysplex)
Four-part profile names:
- CB.T5SRV1.T5CL1.T5CELL
(the application server with the short
name T5SRV1, and generic short name T5CL1 that resides in the cell
T5CELL)
- CB.*.T5CL1.T5CELL (all servers in the generic short
name of T5CL1
in the T5CELL)
- CB.*.*.T5CELL (any server in the cell named
T5CELL)
If you do not want to discriminate between any
of the application
servers, you can eliminate all the specified profiles and use a generic
form to cover the three and four-part names for all the servers in
the sysplex: