RACF matches strictly on the resource name.
RACF根据资源名进行严格的匹配。
The RACF classes provide many options and capabilities.
RACF类提供许多选项和功能。
Finally, RACF provides some features that the OAM does not.
最后,RACF还提供一些OAM没有的特性。
Topic objects and the RACF profiles that match them secure topic trees.
TOPIC对象和匹配它们的RACF配置文件保护主题树。
The act of giving other users or groups authorities to perform RACF operations.
向其它用户或用户组授以执行资源访问控制程序(RACF)操作许可权。
The RACF classes defined for WebSphere MQ Security on z/OS provide many options.
针对z/OS上的WebSphereMQ安全性定义的RACF类拥有许多选项。
Create a keyring in RACF database called ringcicsb, using the commands in Listing 6.
使用清单6中的命令,在名为ringcicsb的RACF数据库中创建keyring。
This requires RACF to use several different profiles in various classes to control access to a resource.
这要求RACF在不同的类中使用几个不同的概要文件来控制对资源的访问。
Access to protected resources on this region is based on the RACF user profile and its group membership.
对该区域受保护资源的访问基于RACF用户个人文件及其群组成员关系。
RACF implements security through classes, which are RACF entities used to secure a specific type of resource.
RACF通过类来实现安全性,即用于保护特定类型的资源的RACF实体。
RACF profiles must be defined to protect the local application objects that you define for your queue managers.
必须定义RACF配置文件来保护您为您的队列管理器定义的本地应用程序对象。
The RACF profiles to protect a queue manager's resources can be defined even if the queue manager has not yet been created.
即使还没有创建队列管理器也可以定义用于保护队列管理器资源的RACF 概要文件。
There are other functional differences between the OAM and RACF, some of which will be discussed near the end of this article.
OAM和RACF还有其他功能上的差别,本文的末尾将讨论其中的一部分。
This example shows that the WebSphere MQ classes in RACF do not provide as granular of access for MQI operations as the OAM does.
这个例子表明RACF中的WebSphereMQ类不像OAM那样提供对MQI操作的细粒度访问级别。
The user ID that is issuing the binary deploy is not defined to the RACF program control the _login function to switch users failed.
发出二进制部署的用户ID在RACF程序控制中没有定义。用于切换用户的_ login函数调用失败。
Besides the differences that have already been discussed, there are differences in the functionality provided by the OAM versus RACF.
除了以上讨论的差别之外,OAM和RACF提供的功能也存在差别。
This behavior for topic security runs counter to the usual behavior of RACF profiles, where the profile that is the best match applies.
主题安全性的这种行为与RACF配置文件的正常行为相矛盾,后者采用最匹配的配置文件。
Here is an example of a RACF PERMIT command to grant the user ID for the channel initiator permission to connect to queue manager CSQ1.
下面是的例子展示了RACFPERMIT命令为用户ID授予连接到队列管理器CSQ1的通道启动程序权限。
So far we've looked at the RACF classes that are available to secure WebSphere MQ, and have examined the objects that they can protect.
目前为止,我们检查了可用于保护WebSphereMQ的RACF类以及它们能保护的对象。
On the other hand with RACF, UPDATE access supersedes any access which had previously been granted to GROUP1, since access is cumulative.
在另一方面,RACF中的UPDATE访问权限将取代先前授予group1的所以权限,因为访问权限是累加的。
The reason this is necessary is due to the manner in which the RACF RDEFINE command converts all characters to UPPERCASE before submitting to RACF.
之所以这样,是因为RACFRDEFINE命令会在提交到 RACF前将所有字符转换为大写。
This allows for roles to be defined that span enterprise resources rather than having an Application Server role, a Windows role, a RACF role, and so on.
这允许要定义的角色跨越企业资源,而不只是具有单个ApplicationServer角色、Windows角色、RACF角色等。
The audit parameter on a RACF profile provides a way to audit both successful and unsuccessful attempts to access any resources that the profile protects.
racf概要文件上的AUDIT参数提供一种方式来审计对概要文件包含的资源的访问尝试,不管访问是否成功。
But it is also possible, and perhaps more common, to reserve the right to define profiles, and to grant access to those profiles, to the RACF administrators.
但是还可以保留定义概要文件的特权,将访问这些概要文件的特权授予RACF管理员,这种情况更加常见。
On the other hand, the RACF implementation is probably more straightforward, because the same profile will be applied consistently to all user IDs or groups.
另一方面,RACF实现可能更加直观,因为相同的概要文件将应用到所有用户ID或组。
The user ID used to log on to the target server will need RACF authorization to the target load library, as well as authoritization to submit JCL and USS commands.
用于登录到目标服务器的用户ID需要目标装载库上的RACF授权,以及提交JCL和USS命令所需的权限。
The cumulative way that access is granted explains why the RACF implementation of security for queues does not allow get and put access to be granted independently.
以累加的方式授予访问权限解释了为什么队列的RACF安全实现不允许单独授予get和put 访问权限。
Similarly, the queue manager and all the data sets that support it can be deleted, but the RACF profiles will still exist until they are deleted from the RACF database.
类似地,可以删除队列管理器和支持它的所有数据集,但是racf概要文件仍然存在,除非您从RACF数据库删除它们。
RACF defines the classes used for WebSphere MQ so that if no profile is found, then the default is no access (that is, DFTRETC=8 in their class descriptor table definitions).
RACF定义用于WebSphereMQ的类,这样,如果没有发现任何配置文件,那么默认值是无访问权(即类描述符表定义中的DFTRETC=8)。
The assumption is that you'll begin to REVOKE privileges previously granted to individual user IDs (and/or to RACF—or equivalent—group IDs) as you phase in the use of roles and trusted contexts.
假设您将开始REVOKE以前在逐步使用角色和可信上下文期间授给个人用户ID(和/或RACF(或等效的)组 ID)特权。
应用推荐