Receiving User Type from Custom Single Sign On (SSO) Class in CA Repository for z/OS WebStation Option r7.1

Document ID : KB000032870
Last Modified Date : 14/02/2018
Show Technical Document Details

Summary:

 

PTF RO86113 introduces changes to CA Repository for z/OS Webstation Option 7.1 so that clients can determine the role type of the incoming user (e.g., Administrator or not) from a Custom SSO class, if desired.   The role type can be used to determine what features to display to Admin vs Non-admin users.  For example, only display the ‘View SQL’ button and ‘Text Processing’ option to users who are Administrators while hiding these options from non-administrator users.

 

Instructions:

 

1.       On Database Server

 

a.       Create new user table that contains 2 columns

                                                               i.      USER_NAME

                                                             ii.      USER_TYPE

 

b.      Refer to “the Example of new user table” section for details.DummySingleSignOn.java

 

2.       On Client/server

 

a.       Create custom SSO class to read the new table and pass the values back to WebStation Option .

b.      Customize the QryResult.jsp to retrieve the user type and use IF/THEN logic to display or hide the various options(View SQL and Text Processing) based on the user type.

 

Note: When new builds of CA Repository for z/OS 7.1 WSO become available, if you have implemented WSO Custom Single Signon (introduced with RO86113) or if you have any other customizations it will be necessary to back up the customized ‘jsp’ pages(s) from your existing WSO instance and re-customize the ‘jsp’ page(s) once maintenance is applied.

 

Example of new user table

 

In this example, the table was created in DB2 10 on z/OS.  Depending on the RDBMS used to create the table the necessary jdbc driver(s) and connection url should be provided to connect to the database from the custom SSO class. 

 

CREATE TABLE WSOUSERS

(USER_NAME     CHAR(8),

 USER_TYPE        CHAR(5));

 

 

 

Example of Custom SSO Class

 

// Use following definition if you wish to return user type in addition to connection, user name &

// password. You need to write source code to determine the user type (administrator or not) & 

// return it in so[3].

//Object[] so = new Object[4];

            

so[0] = conn;

so[1] = userID;

so[2] = passwd;

           

// Following is sample source code to determine user type assuming that a table is maintained in

// DB2 consisting of at least 2 columns; USER_NAME & USER_TYPE. Sample WSOUSERS table is      

// shown below with data,

           

 

// Table WSOUSERS

// USER_NAME     USER_TYPE

//------------------------

// user1         admin

// user2         user

// user3         user

           

/*Statement stmt;

ResultSet rs;

String sqlstmt;

sqlstmt="SELECT USER_TYPE FROM WSOUSERS WHERE USER_NAME='"+userID+"'";

           

stmt = conn.createStatement();

rs = stmt.executeQuery(sqlstmt);

 

rs.next();

so[3]=rs.getString(1);                                                     // return user type to WSO

           

rs.close();

stmt.close(); */

           

return so;

 

Note.

For a complete sample WSO Custom Class refer to the attachment ‘DummySingleSignon.java’

 

 

 

Example of Custom QryResult.jsp  

 

Retrieve user type value from custom SSO class

 

String userType=session.getAttribute("UserType").toString();

 

Restrict visibility of the ‘view sql’ button if the user is not of type Admin

 

<% if(userType.equals("A"))

{

%>

<span class="button"> <a href="javascript:showQuery();"

                onmouseover="status='';return true;">View SQL</a> <a

                href="javascript:processValue(rsltTable.document.curObj);"

                onmouseover="status='';return true;">Execute</a>

 

Restrict visibility of the ‘Text Processing’ option if the user is not of type Admin

 

if(procDetails && userType.equals("A")){ %>

                <option value="text" <%   if (isTxtProcessing){ %> selected <%   }  %>>Text

                Processing</option>

                <%   }  %>

                <option value="report" <%   if (isReportProcessing){ %> selected

                                <%   }  %>>Report Processing</option>

 

 

Additional Information:

 

Refer to Chapter 8, ‘Implementing User Logins’ in the CA Repository for z/OS WebStation Option r7.1 Administrator Guide

 

 

File Attachments:
TEC1101526.zip