Provides a Java interface to allow administration of users and groups in security repositories; also provides a RACF-specific implementation. Support for z/OS version 1 release 9 includes the ability to query users and groups from z/OS RACF, other non-z/OS security mechanisms or interface with Java programs as a call or a check of security credentials.
This support provides two components:
Using Java Security Administration APIs
The Java security code is packaged into two jar files in HFS:
Since this is native Java code, it can be run on a variety of platforms. It can be run on z/OS or downloaded and run on any Java-capable platform. Similarly, it can be invoked from Java code on any machine with the Java Virtual Machine and a TCP/IP connection. Also, the z/OS system with RACF database must have LDAP/SDBM configured and running. See IBM Tivoli Directory Server Administration and Use (PDF, 7.5MB) (SC23-5191-00) or z/OS Integrated Security Services LDAP Server Administration and Use (PDF, 6.6MB) (SC24-5923-07) for details.
Running Java Security Code Off Platform
To use the native Java interface with another security manager or on a system other than z/OS, you need to set the classpath to the location where you placed the downloaded files. For example, on a PC, this would be:
Running Java Security Code on z/OS
To run Java security code on z/OS, you need to set CLASSPATH to pick up jar files, such as:
Also, the z/OS system with RACF database must have LDAP/SDBM configured and running.
The following link contains a zip file (78.8KB) where you can access and use various code samples. Also in this zip file is a file called Showattributes.html, which contains all User, Group and Membership attributes. It's an important reference as you begin coding.
The online documentation includes:
This page last updated January 2008.