This IBMAr RedbooksAr publication explores various implementations of z/OSAr Identity Propagation where the distributed identity of an end user is passed to z/OS and used to map to a RACFAr user ID, and any related events in the audit trail from RACF show both RACF and distributed identities. This book describes the concept of identity propagation and how it can address the end-to end accountability issue of many customers. It describes, at a high level, what identity propagation is, and why it is important to us. It shows a conceptual view of the key elements necessary to accomplish this. This book provides details on the RACMAP function, filter management and how to use the SMF records to provide an audit trail. In depth coverage is provided about the internal implementation of identity propagation, such as providing information about available callable services. This book examines the current exploiters of z/OS Identity Propagation and provide several detailed examples covering CICSAr with CICS Transaction Gateway, DB2Ar, and CICS Web services with Datapower.Note: identity propagation will work on either an MRO connection or an IPCONN connection. ... 12:53:34 SC58CIC2 Program EC04 invoked by userid SWGDE 01/ 02/11 12:53:34 SC58CIC2 Remote Identity: uid=martina, ou=swg, o=ibmanbsp;...
|Title||:||z/OS Identity Propagation|
|Author||:||Karan Singh, Rogerio Camargo, Simon Dodge, Bob McCormack, Alain Roessle, Martina Schmidt, Ruben Thumbiran, Phil Wakelin, Nigel Williams, IBM Redbooks|
|Publisher||:||IBM Redbooks - 2011-09-29|