Security definition for configuration for Liberty JVM servers

Document ID : KB000106284
Last Modified Date : 13/07/2018
Show Technical Document Details
Introduction:
Liberty JVM in CICS and for this we need to define the appropriate TSS permits. Could you kindly transform the RACF (attached doc) statements into respective TSS instructions. 
Instructions:
Example 7-1   Creating the required SAF STARTED profile
RDEFINE STARTED BBGZANGL.* UACC(NONE) STDATA(USER(WLPUSER)) SETROPTS RACLIST(STARTED) REFRESH

TSS ADD(STC) PROCNAME(BBGZANGL.*) ACID(WLPUSER)

Example 7-2   Setting up and giving access to the server class process BBG.ANGEL
RDEFINE SERVER BBG.ANGEL UACC(NONE) PERMIT BBG.ANGEL CLASS(SERVER) ACCESS(Read) ID(CICSREGN)

TSS ADD(department acid) SERVER(BBG.) 
TSS PERMIT(CICSREGN) SERVER(BBG.ANGEL) ACCESS(READ) 

Example 7-3   Setting up the SAF unauthorized services profile
RDEFINE SERVER BBG.AUTHMOD.BBGZSAFM.SAFCRED UACC(NONE) PERMIT BBG.AUTHMOD.BBGZSAFM.SAFCRED 
CLASS(SERVER) ACCESS(READ) ID(CICSREGN)

TSS PERMIT(CICSREGN) SERVER(BBG.AUTHMOD.BBGZSAFM) ACCESS(READ)

Example 7-4   Setting up the AUTHMOD.BBGZSAFM profile (same as 7-3?)
RDEFINE SERVER BBG.AUTHMOD.BBGZSAFM UACC(NONE) PERMIT BBG.AUTHMOD.BBGZSAFM CLASS(SERVER) 
ACCESS(READ) ID(CICSREGN)

TSS PERMIT(CICSREGN) SERVER(BBG.AUTHMOD.BBGZSAFM) ACCESS(READ)

Example 7-5   Creating the profile for the IFAUSAGE services and giving read access
RDEFINE SERVER BBG.AUTHMOD.BBGZSAFM.PRODMGR UACC(NONE) PERMIT BBG.AUTHMOD.BBGZSAFM.PRODMGR 
CLASS(SERVER) ACCESS(READ) USER(CICSREGN) 

TSS PERMIT(CICSREGN) SERVER(BBG.AUTHMOD.BBGZSAFM.PRODMGR) ACCESS(READ)

Example 7-6   RACF refresh command for the SERVER resource
SETROPTS RACLIST(SERVER) REFRESH

No CA Top Secret equivalent and not needed

Example 7-9   Setting READ access for WEBUSER
PERMIT SC8CICS CLASS(APPL) ACCESS(READ) ID(WEBUSER)

TSS ADD(dept) APPL(SC8CICS) 
TSS PER(WEBUSER) APPL(SC8CICS) 

Example 7-10   Granting READ access to WSGUEST
PERMIT SC8CICS CLASS(APPL) ACCESS(READ) ID(WSGUEST) SETROPTS RACLIST(APPL) REFRESH

TSS PER(WSGUEST) APPL(SC8CICS)

Example 7-11   Setting up the SC8CICS profile for WZSSAD
RDEFINE SERVER BBG.SECPFX.SC8CICS UACC(NONE) PERMIT BBG.SECPFX.SC8CICS CLASS(SERVER) 
ACCESS(READ) ID(CICSREGN) 
SETROPTS RACLIST(SERVER) REFRESH

TSS PERMIT(CICSREGN) SERVER(BBG.SECPFX.SC8CICS) ACCESS(READ)