Does ACF2 RECKEY ADD subcommand validate duplicate entries within subsequent NEXTKEYs?
Article ID: 190029
Updated On:
Products
ACF2
ACF2 - z/OS
Issue/Introduction
Using the RECKEY ADD command to add user id access to ACF2 resource keys. But in scenarios where access
is provided for an ID within a NEXTKEY of the resource, RECKEY ADD on the primary key does not reflect it as a duplicate.
Please advise if this is the nature how it works.
Example :
ABCD KEY :
$KEY(ABCD) TYPE(CKP)
UID(*) NEXTKEY(ABCDNXT1)
ABCDNXT1 KEY:
$KEY(ABCDNXT1) TYPE(CKP)
$PREFIX(ABCD)
UID(ABCDEFG) ALLOW
RECKEY ADD :
SET RES(CKP)
RECKEY ABCD ADD(UID(ABCDEFG) ALLOW)
This inserts a rule line in rule ABCD and does not validate the NEXTKEY.
is provided for an ID within a NEXTKEY of the resource, RECKEY ADD on the primary key does not reflect it as a duplicate.
Please advise if this is the nature how it works.
Example :
ABCD KEY :
$KEY(ABCD) TYPE(CKP)
UID(*) NEXTKEY(ABCDNXT1)
ABCDNXT1 KEY:
$KEY(ABCDNXT1) TYPE(CKP)
$PREFIX(ABCD)
UID(ABCDEFG) ALLOW
RECKEY ADD :
SET RES(CKP)
RECKEY ABCD ADD(UID(ABCDEFG) ALLOW)
This inserts a rule line in rule ABCD and does not validate the NEXTKEY.
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Resolution
ACF2 RECKEY processing is expected in that the RECKEY will not check for duplicate
entries within the NEXTKEY rules.
This was consistent with ACF2 rule definitions using PGM=ACFBCOMP and COMPILE
of the primary $KEY and the duplicate was not noted if within the NEXTKEY rule.
entries within the NEXTKEY rules.
This was consistent with ACF2 rule definitions using PGM=ACFBCOMP and COMPILE
of the primary $KEY and the duplicate was not noted if within the NEXTKEY rule.
Feedback
Yes
No
Powered by
