We are installing CA View / Deliver / WebViewer on a new lpar and would like to know what access is required for each STC:

 - SARSTC
 - RMOSTC
 - CA CCS Tomcat (TOMCAT)

Release : 14.0

Component : CA View

The SARSTC started task uses the SAPI interface to collect and delete SYSOUTs and JESDS that meet the request criteria of CA View for data from the JES spool. 

SARSTC requires the appropriate access level to the JES spool's security profiles to perform these actions.

CA View requires UPDATE authority to:
 . . Access the database to save user profile information, such as last access date, current access mode
 . . Retain access information, such as the last time the report was browsed
 . . If the SARINIT EXPRESS parameter specifies a corresponding CA Deliver database, CA View users will need READ authority for the CA Deliver database

CA Deliver's RMOSTC, in its internal security, requires being able to activate bundles, along with program RMORAP. 

For information on Tomcat, please go to the following URL:

https://tomcat.apache.org/tomcat-8.5-doc/security-howto.html

Here is a URL which points to the View 14.0 documentation regarding ACF2:

https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/ca-view/14-0/reference-miscellaneous/security/external-security.html#concept.dita_5494dd416d666efdae0ebe470c368fa6de9a8e72_ImplementingExternalSecurityforCAACF2