CCS Tomcat server's userid definition?
search cancel

CCS Tomcat server's userid definition?

book

Article ID: 205248

calendar_today

Updated On:

Products

COMMON SERVICES FOR Z/OS 90S SERVICES Common Services CHORUS SOFTWARE MANAGER

Issue/Introduction

In the process on installing and configuring CA Common Services (CCS) Tomcat server.

In the section for configuring the Tomcat server's security it appears to assume the server's userid is defined.

  • Are there any special requirements for this userid?
  • What are the USS requirements, it clearly needs an OMVS segment but does it need a shell environment or can it be basically a null segment (pgm /bin/false, home /tmp but with a uid)?
  • What DIGTCERT privileges does it need?  

Environment

Release : 15.0
Component : CCS APACHE TOMCAT

Resolution

The user that is defined for the Tomcat task to run under must have a valid OMVS segment that includes the same GROUP as the default GROUP of the user ID that installed Tomcat.

A valid HOME directory (eg. /tmp), OMVSPGM (eg. /bin/sh) and UID are requirements.

This user should be the same user as specified for the SRVID symbol in member TOMSEDIT of the CAW0JCL installation library.

The user should have at minimum READ access to IRR.DIGTCERT.LIST and IRR.DIGTCERT.LISTRING. These access level requirements may change if the certificates are owned differently. For example, if the certificates are owned by CERTSITE then I believe CONTROL access is necessary. This setup is something that should be delegated to the security administrator.

 

Powered by Wolken Software