How to setup DB2 to use Top secret as an external security?

book

Article ID: 209887

calendar_today

Updated On:

Products

CA Top Secret

Issue/Introduction

Currently DB2 native grants / revokes are in use for controlling access to DB2 objects.

In order to use top secret as external security, what are the setup requirements in DB2 so that Top Secret can managing DB2 object level access? 

 

Is an assemble and link edit of [email protected] with any CA Top Secret module required? 

 

Thanks,

Lingam

Environment

Release : 16.0

Component : CA Top Secret Option for DB2

Resolution

A Link Edit of CADB2XAC Exit


Run the DB13XAC job from the sample JCL library. 
This job link edits the CADB2XAC exit module into an installation 
defined SDSNEXIT library with the name [email protected], replacing 
the existing version of that module.


Important! Include this library in the concatenation only for 
DB2 subsystems that will be running CA Top Secret Option for DB2.

The CADB2XAC exit module has two functions:
■ Implementation of  CA Technologies supplied version of [email protected] 
notifies the DB2 subsystem that external security will be implemented in this subsystem.
■ The DB2 subsystem is instructed to abend if it receives a security call other than through 
the CA Top Secret Option for DB2 external security interface. 

These instructions help ensure that the subsystem does not start without proper CA ENF 
for DB2 initialization.